× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: c8224dd942f9ff188d6e4fb15c8deed48d9683c1e62707bad06cf0b09153d602
File name: G4Idk.exe
Detection ratio: 17 / 63
Analysis date: 2018-07-03 12:33:25 UTC ( 7 months, 2 weeks ago ) View latest
Antivirus Result Update
Avast FileRepMalware 20180703
AVG FileRepMalware 20180703
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20180703
Bkav HW32.Packed.9443 20180703
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180530
Cybereason malicious.00499c 20180225
Endgame malicious (high confidence) 20180612
ESET-NOD32 a variant of Win32/Kryptik.GIKR 20180703
Fortinet W32/Emotet.BK!tr 20180703
Sophos ML heuristic 20180601
McAfee-GW-Edition BehavesLike.Win32.Emotet.ch 20180703
Microsoft Trojan:Win32/Dynamer!ac 20180703
Qihoo-360 HEUR/QVM20.1.41A2.Malware.Gen 20180703
SentinelOne (Static ML) static engine - malicious 20180701
SUPERAntiSpyware Trojan.Agent/Gen-FalDesc 20180703
Symantec ML.Attribute.HighConfidence 20180703
Webroot W32.Keylogger.Gen 20180703
Ad-Aware 20180703
AegisLab 20180703
AhnLab-V3 20180703
ALYac 20180703
Antiy-AVL 20180703
Arcabit 20180703
Avast-Mobile 20180703
Avira (no cloud) 20180703
AVware 20180703
BitDefender 20180703
CAT-QuickHeal 20180702
ClamAV 20180703
CMC 20180703
Comodo 20180703
Cyren 20180703
DrWeb 20180703
eGambit 20180703
Emsisoft 20180703
F-Prot 20180703
F-Secure 20180703
GData 20180703
Ikarus 20180703
Jiangmin 20180703
K7AntiVirus 20180703
K7GW 20180703
Kaspersky 20180703
Kingsoft 20180703
Malwarebytes 20180703
MAX 20180703
McAfee 20180703
eScan 20180703
NANO-Antivirus 20180703
Palo Alto Networks (Known Signatures) 20180703
Panda 20180703
Sophos AV 20180703
TACHYON 20180703
Tencent 20180703
TheHacker 20180628
TotalDefense 20180703
Trustlook 20180703
VBA32 20180629
VIPRE 20180703
ViRobot 20180703
Yandex 20180703
Zillya 20180702
ZoneAlarm by Check Point 20180703
Zoner 20180702
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Check

Product Check Software Monitor
Original name CheckProp.exe
File version 1, 0, 8, 0
Description Microsof
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-07-03 12:30:50
Entry Point 0x0000131A
Number of sections 4
PE sections
PE imports
ConvertFiberToThread
GlobalMemoryStatus
SetFileCompletionNotificationModes
GetProcessIdOfThread
TlsGetValue
CloseHandle
CompareStringOrdinal
GetCommandLineA
GetMenuPosFromID
EndMenu
GetMenuItemRect
GetLastInputInfo
GetNextDlgGroupItem
GetKeyState
SCardListCardsW
Number of PE resources by type
RT_STRING 25
RT_BITMAP 2
RT_DIALOG 2
RT_ACCELERATOR 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 30
FRENCH 1
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2018:07:03 14:30:50+02:00

FileType
Win32 EXE

PEType
PE32

CodeSize
24576

LinkerVersion
10.0

ImageFileCharacteristics
No relocs, Executable, 32-bit

EntryPoint
0x131a

InitializedDataSize
65536

SubsystemVersion
5.0

ImageVersion
0.0

OSVersion
4.0

UninitializedDataSize
0

Compressed bundles
File identification
MD5 d162b01ebe1749a8425f3d2716c5f2f9
SHA1 151b22f00499cb871ebcd4552db2e521ea75ca0d
SHA256 c8224dd942f9ff188d6e4fb15c8deed48d9683c1e62707bad06cf0b09153d602
ssdeep
3072:g7G3b9MKIREgPUHGQtcNxi3j3jLIRp67zRFAz2EZp+:gHPbQtcMjzAp67zR

authentihash 59a1b3bc0c4997f61ebe4f05c0b3cb1cc9438f96710771016ad03fee67a3cd8c
imphash fcd5bff4a78fe553cea0289d4793c666
File size 104.0 KB ( 106496 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (34.2%)
Win32 Executable (generic) (23.4%)
Win16/32 Executable Delphi generic (10.7%)
OS/2 Executable (generic) (10.5%)
Generic Win/DOS Executable (10.4%)
Tags
peexe

VirusTotal metadata
First submission 2018-07-03 12:33:25 UTC ( 7 months, 2 weeks ago )
Last submission 2018-10-25 17:03:05 UTC ( 3 months, 3 weeks ago )
File names CheckProp.exe
d162b01ebe1749a8425f3d2716c5f2f9.vir
G4Idk.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!