× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: c1ad53643f650c43905e3c944fe4c0299a93aafc419c8344eebc7f523f525487
File name: QE2yvHx60.exe
Detection ratio: 23 / 68
Analysis date: 2018-07-28 12:03:34 UTC ( 6 months, 4 weeks ago ) View latest
Antivirus Result Update
AegisLab Troj.W32.Vucha!c 20180728
Avast Win32:Malware-gen 20180728
AVG Win32:Malware-gen 20180728
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20180726
Bkav HW32.Packed.F209 20180728
Comodo .UnclassifiedMalware 20180728
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180723
Cylance Unsafe 20180728
Endgame malicious (high confidence) 20180711
ESET-NOD32 a variant of Win32/GenKryptik.CGMW 20180728
Fortinet W32/GenKryptik.CFYN!tr 20180728
Sophos ML heuristic 20180717
K7GW Hacktool ( 700007861 ) 20180727
Kaspersky HEUR:Trojan.Win32.Vucha.dc 20180728
McAfee Artemis!4B3ED36C5DEB 20180728
Microsoft Trojan:Win32/Emotet.AC!bit 20180728
Palo Alto Networks (Known Signatures) generic.ml 20180728
Qihoo-360 Win32/Trojan.ba4 20180728
Rising Trojan.Fuerboos!8.EFC8 (CLOUD) 20180728
SentinelOne (Static ML) static engine - malicious 20180701
Symantec ML.Attribute.HighConfidence 20180727
Webroot W32.Trojan.Emotet 20180728
ZoneAlarm by Check Point HEUR:Trojan.Win32.Vucha.dc 20180728
Ad-Aware 20180728
AhnLab-V3 20180728
ALYac 20180728
Antiy-AVL 20180728
Arcabit 20180728
Avast-Mobile 20180728
Avira (no cloud) 20180728
AVware 20180727
Babable 20180725
BitDefender 20180728
CAT-QuickHeal 20180725
ClamAV 20180728
CMC 20180728
Cybereason 20180225
Cyren 20180728
DrWeb 20180728
eGambit 20180728
Emsisoft 20180728
F-Prot 20180728
F-Secure 20180728
GData 20180728
Ikarus 20180728
Jiangmin 20180728
K7AntiVirus 20180727
Kingsoft 20180728
Malwarebytes 20180728
MAX 20180728
McAfee-GW-Edition 20180728
eScan 20180728
NANO-Antivirus 20180728
Panda 20180728
Sophos AV 20180728
SUPERAntiSpyware 20180728
TACHYON 20180728
Tencent 20180728
TheHacker 20180727
TotalDefense 20180728
TrendMicro 20180728
TrendMicro-HouseCall 20180728
Trustlook 20180728
VBA32 20180727
VIPRE 20180728
ViRobot 20180728
Yandex 20180725
Zillya 20180727
Zoner 20180727
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright (C) 1999-2017

Product iconv: character set conversion program
Original name iconv.exe
Internal name iconv.exe
File version 1.15
Description GPLed iconv for Windows
Comments This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License. You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-07-28 16:30:16
Entry Point 0x0000151A
Number of sections 5
PE sections
PE imports
GetBinaryTypeW
GetWindowsDirectoryA
lstrcatA
GetNativeSystemInfo
GetDesktopWindow
GetCaretPos
DrawFrameControl
IsWindowUnicode
Ord(30)
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
12.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.15.0.0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
GPLed iconv for Windows

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
ASCII

InitializedDataSize
28160

EntryPoint
0x151a

OriginalFileName
iconv.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright (C) 1999-2017

FileVersion
1.15

TimeStamp
2018:07:28 18:30:16+02:00

FileType
Win32 EXE

PEType
PE32

InternalName
iconv.exe

ProductVersion
1.15

SubsystemVersion
5.0

OSVersion
5.0

FileOS
Windows 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Free Software Foundation

CodeSize
102912

ProductName
iconv: character set conversion program

ProductVersionNumber
1.15.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 4b3ed36c5debd8c3a0fe511faab8c523
SHA1 6b79a9bb47815e3a7d46d24f778498c55a73e99e
SHA256 c1ad53643f650c43905e3c944fe4c0299a93aafc419c8344eebc7f523f525487
ssdeep
3072:cIfHEs4E0dK0jYVa4/lCWQe2ji6W+q1s+2:c4ks4E0o00VaMavW+b

authentihash c5b0e642814229c213a3b9fab7002bbd7099b6e793f4470d8a1d34e20510758e
imphash a8bc5c5d0fecedadc84dba352ce28a8b
File size 129.0 KB ( 132096 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID OS/2 Executable (generic) (33.6%)
Generic Win/DOS Executable (33.1%)
DOS Executable Generic (33.1%)
Tags
peexe

VirusTotal metadata
First submission 2018-07-28 09:35:30 UTC ( 6 months, 4 weeks ago )
Last submission 2018-10-04 16:18:44 UTC ( 4 months, 2 weeks ago )
File names iconv.exe
QE2yvHx60.exe
4b3ed36c5debd8c3a0fe511faab8c523.vir
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!