SHA256: bb7114a866c899f276f772b59ffe46fbed41228d0271ccc3d10a7339fecf943d
File name: 7c36bee5ffeeb447bbf562357967d7fe
Detection ratio: 34 / 69
Analysis date: 2018-09-24 11:21:03 UTC ( 4 months, 3 weeks ago )
Antivirus Result Update
AhnLab-V3 Trojan/Win32.Emotet.R236133 20180924
Antiy-AVL Trojan[Banker]/Win32.Emotet 20180924
Avast Win32:BankerX-gen [Trj] 20180924
AVG Win32:BankerX-gen [Trj] 20180924
CAT-QuickHeal Trojan.Emotet.X4 20180923
CrowdStrike Falcon (ML) malicious_confidence_90% (D) 20180723
Cylance Unsafe 20180924
Cyren W32/Trojan.FVGW-6881 20180924
DrWeb Trojan.Crypt.61 20180924
Emsisoft Trojan.Emotet (A) 20180924
Endgame malicious (high confidence) 20180730
ESET-NOD32 a variant of Win32/Kryptik.GKFT 20180924
Fortinet W32/Kryptik.GKLI!tr 20180924
GData Win32.Trojan-Spy.Emotet.IGYY37 20180924
Ikarus Trojan-Banker.Emotet 20180924
Sophos ML heuristic 20180717
K7AntiVirus Trojan ( 0053c2ba1 ) 20180924
K7GW Trojan ( 0053c2ba1 ) 20180924
Kaspersky Trojan-Banker.Win32.Emotet.bdzv 20180924
Malwarebytes Trojan.MalPack 20180924
McAfee Emotet-FHR!7C36BEE5FFEE 20180924
McAfee-GW-Edition BehavesLike.Win32.Emotet.hm 20180924
Microsoft Trojan:Win32/Emotet.AC!bit 20180924
Palo Alto Networks (Known Signatures) generic.ml 20180924
Panda Trj/GdSda.A 20180923
Qihoo-360 HEUR/QVM20.1.0FC1.Malware.Gen 20180924
Rising Trojan.Emotet!8.B95 (TFE:dGZlOgMv9mAFKtCALw) 20180924
Sophos AV Mal/EncPk-ANY 20180924
Symantec Packed.Generic.517 20180924
Tencent Win32.Trojan-banker.Emotet.Aiig 20180924
TrendMicro TROJ_GEN.R047C0OIK18 20180924
TrendMicro-HouseCall TROJ_GEN.R047C0OIK18 20180924
Webroot W32.Trojan.Emotet 20180924
ZoneAlarm by Check Point Trojan-Banker.Win32.Emotet.bdzv 20180924
Ad-Aware 20180924
AegisLab 20180924
Alibaba 20180921
ALYac 20180924
Arcabit 20180924
Avast-Mobile 20180924
Avira (no cloud) 20180924
AVware 20180924
Babable 20180918
Baidu 20180914
BitDefender 20180924
Bkav 20180924
ClamAV 20180924
CMC 20180924
Comodo 20180924
Cybereason 20180225
eGambit 20180924
F-Prot 20180924
F-Secure 20180924
Jiangmin 20180924
Kingsoft 20180924
MAX 20180924
eScan 20180924
NANO-Antivirus 20180924
SentinelOne (Static ML) 20180830
SUPERAntiSpyware 20180907
Symantec Mobile Insight 20180924
TACHYON 20180924
TheHacker 20180920
TotalDefense 20180924
Trustlook 20180924
VBA32 20180924
VIPRE 20180924
ViRobot 20180923
Yandex 20180922
Zillya 20180922
Zoner 20180923
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright © Jan Karger 2014-2017
Product MahApps.Metro.SimpleChildWindow 1.3.2
Original name MahApps.Metro.SimpleChildWindow.dll
Internal name MahApps.Metro.SimpleChildWindow.dll
File version 1.3.2.0
Description MahApps.Metro.SimpleChildWindow
Comments A simple child window for MahApps.Metro
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-09-03 12:23:47
Entry Point 0x00023A9E
Number of sections 4
PE sections
PE imports
GetSidSubAuthorityCount
LookupPrivilegeDisplayNameW
GetSecurityDescriptorDacl
EqualDomainSid
LookupPrivilegeDisplayNameA
LookupAccountSidA
GetCurrentHwProfileW
DeleteAce
GetClusterFromResource
GetDeviceCaps
ExtTextOutW
GetCharWidthFloatA
GetTextExtentPointA
GetPaletteEntries
GetPath
GetSystemPaletteUse
GetTextCharset
AreFileApisANSI
GetCurrencyFormatA
GetStdHandle
GetAtomNameW
LoadLibraryW
GetConsoleCursorInfo
GetProcessTimes
SetFileApisToANSI
FlushFileBuffers
GetModuleFileNameA
SetFileApisToOEM
GetOverlappedResult
GetTapeParameters
FindFirstFileExW
EnumSystemLocalesA
LoadLibraryExA
SetSystemFileCacheSize
GetFileSize
LockResource
GetWindowsDirectoryA
GetVolumeInformationW
GetStartupInfoW
FoldStringW
GetCommandLineA
GlobalLock
GetConsoleScreenBufferInfo
WriteProfileStringW
EnumTimeFormatsA
FindResourceExA
GetProcAddress
GetModuleHandleA
FindFirstFileExA
GlobalAddAtomA
GetTimeFormatA
GetThreadTimes
GetDiskFreeSpaceA
GetTapePosition
GetBinaryTypeA
GetThreadContext
GetLogicalDriveStringsA
GetTimeZoneInformation
LoadResource
GetConsoleWindow
DeleteTimerQueue
GetCurrentThreadId
GetCurrentThread
LoadRegTypeLib
GetRecordInfoFromTypeInfo
FindExecutableA
FreeContextBuffer
FreeCredentialsHandle
GetClassInfoExW
GetKeyboardLayoutNameA
GetInputState
DefMDIChildProcW
GetScrollPos
DestroyMenu
GetRawInputDeviceList
FlashWindowEx
GetWindowThreadProcessId
FreeDDElParam
GetClassNameA
DialogBoxParamA
GetMenuDefaultItem
GetTabbedTextExtentW
InsertMenuItemA
DestroyIcon
GetRawInputData
PackDDElParam
GetClassLongA
GetSubMenu
EnumThreadWindows
GetDesktopWindow
IsWindowUnicode
IsMenu
FindNextUrlCacheEntryExW
FindNextUrlCacheEntryExA
FindFirstUrlCacheEntryExA
GetPrintProcessorDirectoryW
GetStandardColorSpaceProfileW
strtol
malloc
setvbuf
GetRunningObjectTable
FaultInIEFeature
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
NEUTRAL 1
PE resources
Debug information
ExifTool file metadata
SubsystemVersion 5.0
Comments A simple child window for MahApps.Metro
InitializedDataSize 389120
ImageVersion 0.0
ProductName MahApps.Metro.SimpleChildWindow 1.3.2
FileVersionNumber 1.3.2.0
UninitializedDataSize 1006425862
LanguageCode Neutral
FileFlagsMask 0x003f
ImageFileCharacteristics No relocs, Executable, 32-bit
CharacterSet Unicode
LinkerVersion 12.1
FileTypeExtension exe
OriginalFileName MahApps.Metro.SimpleChildWindow.dll
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 1.3.2.0
TimeStamp 2018:09:03 13:23:47+01:00
FileType Win32 EXE
PEType PE32
InternalName MahApps.Metro.SimpleChildWindow.dll
ProductVersion 1.3.2.0
FileDescription MahApps.Metro.SimpleChildWindow
OSVersion 5.0
FileOS Win32
LegalCopyright Copyright Jan Karger 2014-2017
MachineType Intel 386 or later, and compatibles
CompanyName MahApps
CodeSize 154624
FileSubtype 0
ProductVersionNumber 1.3.2.0
EntryPoint 0x23a9e
ObjectFileType Dynamic link library
AssemblyVersion 1.3.2.0
File identification
MD5 7c36bee5ffeeb447bbf562357967d7fe
SHA1 1fbbb999118dd51ad757e721adfd0129201e096e
SHA256 bb7114a866c899f276f772b59ffe46fbed41228d0271ccc3d10a7339fecf943d
ssdeep 6144:XFu2g0UnU57+K+Kikc3kxWVwGl2tsQ1BIJIPBywnpNH0W4DQy:Vun0Ung7c1Qx0l+1BIiB1eDQy
authentihash 42783d5ec4820104b470b08192911cb68c83486cfbc30d11cedb8616bf6376af
imphash 4b1724f35c9769d2a87928bb95261624
File size 526.5 KB ( 539136 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID OS/2 Executable (generic) (25.2%)
Clipper DOS Executable (25.0%)
Generic Win/DOS Executable (24.8%)
DOS Executable Generic (24.8%)
Tags peexe
VirusTotal metadata
First submission 2018-09-24 11:21:03 UTC ( 4 months, 3 weeks ago )
Last submission 2018-09-24 11:21:03 UTC ( 4 months, 3 weeks ago )
File names MahApps.Metro.SimpleChildWindow.dll