SHA256: c7468384af1fc9ad9093373e716e0aa0589d434e29561ac2467548b617f4467a
File name: 12040.exe
Detection ratio: 19 / 67
Analysis date: 2018-04-10 12:17:36 UTC ( 1 year ago )
Antivirus Result Update
AVG FileRepMalware 20180410
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20180410
Bkav HW32.Packed.EA01 20180409
CrowdStrike Falcon (ML) malicious_confidence_90% (D) 20170201
Cylance Unsafe 20180410
eGambit Unsafe.AI_Score_65% 20180410
Emsisoft Trojan.Emotet (A) 20180410
Endgame malicious (high confidence) 20180402
Fortinet W32/GenKryptik.BDQO!tr 20180410
Sophos ML heuristic 20180120
McAfee Emotet-FGM!34E858F28AB2 20180410
McAfee-GW-Edition BehavesLike.Win32.Emotet.nc 20180410
Microsoft Trojan:Win32/Cloxer.D!cl 20180410
Qihoo-360 HEUR/QVM20.1.68FF.Malware.Gen 20180410
Rising Trojan.Cloxer!8.F54F (TFE:4:DgpJXFaoEzJ) 20180410
SentinelOne (Static ML) static engine - malicious 20180225
Sophos AV Mal/EncPk-ANR 20180410
Symantec ML.Attribute.HighConfidence 20180410
Webroot W32.Trojan.Emotet 20180410
Ad-Aware 20180410
AegisLab 20180410
AhnLab-V3 20180410
Alibaba 20180410
ALYac 20180410
Antiy-AVL 20180410
Arcabit 20180410
Avast 20180410
Avast-Mobile 20180410
Avira (no cloud) 20180410
AVware 20180410
BitDefender 20180410
CAT-QuickHeal 20180409
ClamAV 20180410
CMC 20180409
Comodo 20180410
Cybereason None
Cyren 20180410
DrWeb 20180410
ESET-NOD32 20180410
F-Prot 20180410
F-Secure 20180410
GData 20180410
Ikarus 20180410
Jiangmin 20180410
K7AntiVirus 20180410
K7GW 20180410
Kaspersky 20180410
Kingsoft 20180410
Malwarebytes 20180410
MAX 20180410
eScan 20180410
NANO-Antivirus 20180410
nProtect 20180410
Palo Alto Networks (Known Signatures) 20180410
Panda 20180409
SUPERAntiSpyware 20180410
Symantec Mobile Insight 20180406
Tencent 20180410
TheHacker 20180410
TotalDefense 20180410
TrendMicro 20180410
TrendMicro-HouseCall 20180410
Trustlook 20180410
VBA32 20180409
VIPRE 20180410
ViRobot 20180410
WhiteArmor 20180408
Yandex 20180408
Zillya 20180409
ZoneAlarm by Check Point 20180410
Zoner 20180410
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Product DragCombo
Original name DragCombo.exe
Internal name DragCombo.exe
File version 1.2.10.6
Description DragCombo
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-04-10 12:12:08
Entry Point 0x00005502
Number of sections 10
PE sections
PE imports
GetKernelObjectSecurity
JetGetBookmark
InvertRgn
GetMetaFileA
GetWindowExtEx
GetPath
SetPriorityClass
GetCommandLineA
GetSystemDefaultLangID
TransmitCommChar
LocalSize
GetExitCodeProcess
EnumCalendarInfoW
GetDynamicTimeZoneInformation
GetProcessVersion
GlobalUnlock
UpdateResourceA
LeaveCriticalSection
IsPwrShutdownAllowed
ShellAboutA
StrFormatKBSizeW
AcquireCredentialsHandleA
IsCharUpperA
GetCursorInfo
GetInputState
GetFocus
CheckRadioButton
GetWindowDC
AdjustWindowRectEx
SetForegroundWindow
CheckMenuRadioItem
IsIconic
CreateCursor
CoReleaseServerProcess
Number of PE resources by type
RT_BITMAP 1
RT_MENU 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 2
NEUTRAL 1
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize 0
InitializedDataSize 88576
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 1.2.10.6
LanguageCode Neutral
FileFlagsMask 0x003f
FileDescription DragCombo
ImageFileCharacteristics Executable, 32-bit
CharacterSet Unicode
LinkerVersion 11.9
EntryPoint 0x5502
OriginalFileName DragCombo.exe
MIMEType application/octet-stream
FileVersion 1.2.10.6
TimeStamp 2018:04:10 14:12:08+02:00
FileType Win32 EXE
PEType PE32
InternalName DragCombo.exe
ProductVersion 1.2.10.6-RELEASE-c2414ca0156a0385fb10514efac01a00086c215c
SubsystemVersion 5.0
OSVersion 5.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName DragCombo
CodeSize 0
ProductName DragCombo
ProductVersionNumber 1.2.10.6
FileTypeExtension exe
ObjectFileType Executable application
AssemblyVersion 1.2.10.6
File identification
MD5 34e858f28ab23894d789095bc787c827
SHA1 f543c7748a4fc96eed03ade82a46b310a258c612
SHA256 c7468384af1fc9ad9093373e716e0aa0589d434e29561ac2467548b617f4467a
ssdeep 3072:CKgPgaca0jYGD5p/xP5iyv0ox6ul1kZZzrViH+Z:BgPgaca0jYGD5p/xx3v0A3WZr
authentihash 487404239c1c4c42c7e006d0f5b2251e2de000ff14cee41027497dd957bf8e29
imphash 560a8653f245094616f844407264c75b
File size 98.5 KB ( 100864 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win64 Executable (generic) (61.7%)
Win32 Dynamic Link Library (generic) (14.7%)
Win32 Executable (generic) (10.0%)
OS/2 Executable (generic) (4.5%)
Generic Win/DOS Executable (4.4%)
Tags peexe
VirusTotal metadata
First submission 2018-04-10 12:17:36 UTC ( 1 year ago )
Last submission 2018-06-02 10:34:51 UTC ( 10 months, 3 weeks ago )
File names 12040.exe
DragCombo.exe
34e858f28ab23894d789095bc787c827.dat