× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: c4a8a005c4713c83a001ab65bfb5fba3a48d031ee0c91646dfd32b419f7ae511
File name: 86D26D4C.EXE
Detection ratio: 47 / 66
Analysis date: 2018-05-24 17:49:20 UTC ( 9 months ago ) View latest
Antivirus Result Update
Ad-Aware Trojan.GenericKD.30855619 20180524
AegisLab Ml.Attribute.Gen!c 20180524
AhnLab-V3 Trojan/Win32.Emotet.R228774 20180524
ALYac Trojan.GenericKD.30855619 20180524
Antiy-AVL Trojan/Win32.Agent 20180524
Arcabit Trojan.Generic.D1D6D1C3 20180524
Avast Win32:Malware-gen 20180524
AVG Win32:Malware-gen 20180524
Avira (no cloud) TR/Crypt.ZPACK.gegjc 20180524
AVware Trojan.Win32.Generic!BT 20180524
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9998 20180524
BitDefender Trojan.GenericKD.30855619 20180524
CAT-QuickHeal Trojan.Cloxer 20180524
Comodo TrojWare.Win32.Dovs.MO 20180524
Cylance Unsafe 20180524
Cyren W32/Trojan.MWQB-4184 20180524
Emsisoft Trojan.GenericKD.30855619 (B) 20180524
Endgame malicious (high confidence) 20180507
ESET-NOD32 a variant of Win32/Kryptik.GGZF 20180524
F-Secure Trojan.GenericKD.30855619 20180524
Fortinet W32/GenKryptik.CALT!tr 20180524
GData Win32.Trojan-Spy.Emotet.QM 20180524
Ikarus Trojan.Win32.Crypt 20180524
Sophos ML heuristic 20180503
K7AntiVirus Trojan ( 005322f41 ) 20180524
K7GW Trojan ( 005322f41 ) 20180524
Kaspersky Trojan.Win32.Agent.qwgokl 20180524
Malwarebytes Trojan.Emotet 20180524
MAX malware (ai score=94) 20180524
McAfee Emotet-FDM!4AEB7E2E9F0F 20180524
McAfee-GW-Edition BehavesLike.Win32.Emotet.ch 20180524
Microsoft Trojan:Win32/Occamy.C 20180524
eScan Trojan.GenericKD.30855619 20180524
NANO-Antivirus Trojan.Win32.Kryptik.fcmxmx 20180524
Palo Alto Networks (Known Signatures) generic.ml 20180524
Panda Trj/GdSda.A 20180524
Qihoo-360 Trojan.Generic 20180524
SentinelOne (Static ML) static engine - malicious 20180225
Sophos AV Mal/EncPk-ANX 20180524
Symantec Trojan.Gen.2 20180524
TrendMicro TROJ_GEN.R011C0REO18 20180524
TrendMicro-HouseCall TROJ_GEN.R011C0REO18 20180524
VBA32 BScope.Trojan.Cloxer 20180524
VIPRE Trojan.Win32.Generic!BT 20180524
ViRobot Trojan.Win32.Z.Kryptik.184320.PJ 20180524
Webroot W32.Trojan.Emotet 20180524
ZoneAlarm by Check Point Trojan.Win32.Agent.qwgokl 20180524
Alibaba 20180524
Avast-Mobile 20180524
Babable 20180406
Bkav 20180524
ClamAV 20180521
CMC 20180524
CrowdStrike Falcon (ML) 20180202
Cybereason None
DrWeb 20180524
eGambit 20180524
F-Prot 20180524
Jiangmin 20180524
Kingsoft 20180524
nProtect 20180524
Rising 20180524
SUPERAntiSpyware 20180524
Symantec Mobile Insight 20180522
Tencent 20180524
TheHacker 20180524
TotalDefense 20180524
Trustlook 20180524
Yandex 20180524
Zillya 20180524
Zoner 20180524
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
© Microsoft Corporation. All rights reserved.

Product Microsoft® Windows® Operating System
Original name Wwapi.dll
Internal name Wwapi.dll
File version 08.01.02.00 (win7_rtm.090713-1255)
Description WWAN API
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-05-23 04:46:17
Entry Point 0x000021DD
Number of sections 7
PE sections
PE imports
CryptEncrypt
PropertySheetW
ImageList_AddMasked
CryptAcquireCertificatePrivateKey
JetIndexRecordCount
GetArcDirection
OffsetViewportOrgEx
GetCurrentProcess
DnsHostnameToComputerNameW
lstrlenA
GetSystemDefaultUILanguage
GetConsoleCursorInfo
GetProfileSectionW
GetExitCodeProcess
ExitProcess
GetHandleInformation
HeapReAlloc
FlsFree
LZSeek
SafeArrayDestroyData
RpcBindingSetAuthInfoExA
I_RpcNsBindingSetEntryNameW
SetupDiGetINFClassW
PathCreateFromUrlW
StrCmpIW
DlgDirListW
SetMenuItemInfoW
GetWindowRect
GetInputState
IsDlgButtonChecked
GetSysColorBrush
GetDesktopWindow
ChangeDisplaySettingsExW
GetFocus
IsIconic
DragDetect
SetCursor
midiOutGetVolume
DocumentPropertiesA
CryptCATStoreFromHandle
SCardListReaderGroupsW
Ord(29)
CoQueryProxyBlanket
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
ExifTool file metadata
UninitializedDataSize
0

InitializedDataSize
163840

ImageVersion
0.0

ProductName
Microsoft Windows Operating System

FileVersionNumber
8.1.2.0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
WWAN API

CharacterSet
Unicode

LinkerVersion
12.59

FileTypeExtension
exe

OriginalFileName
Wwapi.dll

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
08.01.02.00 (win7_rtm.090713-1255)

TimeStamp
2018:05:23 05:46:17+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Wwapi.dll

ProductVersion
08.01.02.00

SubsystemVersion
5.0

OSVersion
5.0

FileOS
Windows NT 32-bit

LegalCopyright
Microsoft Corporation. All rights reserved.

MachineType
Intel 386 or later, and compatibles

CompanyName
Microsoft Corporation

CodeSize
16384

FileSubtype
0

ProductVersionNumber
8.1.2.0

EntryPoint
0x21dd

ObjectFileType
Dynamic link library

Compressed bundles
File identification
MD5 4aeb7e2e9f0f9076ea969e14e2db8dac
SHA1 a9ee175fa3ad9165faff232f8d5f762c4d592ee2
SHA256 c4a8a005c4713c83a001ab65bfb5fba3a48d031ee0c91646dfd32b419f7ae511
ssdeep
1536:7OpwP6wL+xRUWqePm3M0+sZ/6Ru8OQ07A6AyrId0RbRNhgLvPAQt4qRjIL:7CwfL+Llm3hzyRu8ME6NUCt3hgLXttE

authentihash 6b609fb0b7a7c281c88bb65b3ab768d35002756ea7ec8a0262565ec7f3080954
imphash 15994a6d68b054b5d5434942300f9a55
File size 180.0 KB ( 184320 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID OS/2 Executable (generic) (33.6%)
Generic Win/DOS Executable (33.1%)
DOS Executable Generic (33.1%)
Tags
peexe

VirusTotal metadata
First submission 2018-05-22 21:52:55 UTC ( 9 months ago )
Last submission 2018-05-27 17:52:40 UTC ( 9 months ago )
File names Wwapi.dll
86D26D4C.EXE
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!