SHA256: d043917cd1cc352bc49e541b0960a15efa6f26bf05179e5503596b119327179a
File name: codexgigas_52c333248e9828baff9a5a7b2f9c1e14632fc035
Detection ratio: 26 / 65
Analysis date: 2018-05-30 11:24:01 UTC ( 8 months, 3 weeks ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Symmi.60339 20180530
ALYac Gen:Variant.Symmi.60339 20180530
AVG FileRepMalware 20180530
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20180530
BitDefender Gen:Variant.Symmi.60339 20180530
Comodo TrojWare.Win32.Dovs.MO 20180530
Cylance Unsafe 20180530
DrWeb Trojan.EmotetENT.222 20180530
Emsisoft Gen:Variant.Symmi.60339 (B) 20180530
Endgame malicious (high confidence) 20180507
F-Secure Gen:Variant.Symmi.60339 20180530
Fortinet W32/Kryptik.GCDM!tr 20180530
GData Gen:Variant.Symmi.60339 20180530
Ikarus Win32.Outbreak 20180529
Sophos ML heuristic 20180504
K7GW Hacktool ( 700007861 ) 20180530
Malwarebytes Trojan.Emotet 20180530
MAX malware (ai score=85) 20180530
Microsoft Trojan:Win32/Fuerboos.C!cl 20180530
eScan Gen:Variant.Symmi.60339 20180530
Palo Alto Networks (Known Signatures) generic.ml 20180530
Panda Trj/GdSda.A 20180529
Qihoo-360 HEUR/QVM20.1.81ED.Malware.Gen 20180530
SentinelOne (Static ML) static engine - malicious 20180225
Sophos AV Mal/EncPk-ANX 20180530
Symantec Packed.Generic.517 20180530
AegisLab 20180530
AhnLab-V3 20180530
Alibaba 20180530
Antiy-AVL 20180530
Arcabit 20180530
Avast 20180530
Avast-Mobile 20180530
Avira (no cloud) 20180530
AVware 20180530
Babable 20180406
Bkav 20180530
CAT-QuickHeal 20180530
ClamAV 20180530
CMC 20180529
CrowdStrike Falcon (ML) 20180202
Cybereason None
Cyren 20180530
eGambit 20180530
ESET-NOD32 20180530
F-Prot 20180530
Jiangmin 20180530
K7AntiVirus 20180530
Kaspersky 20180530
Kingsoft 20180530
McAfee 20180530
McAfee-GW-Edition 20180530
NANO-Antivirus 20180530
nProtect 20180530
Rising 20180530
SUPERAntiSpyware 20180530
Symantec Mobile Insight 20180525
Tencent 20180530
TheHacker 20180524
TotalDefense 20180530
TrendMicro 20180530
TrendMicro-HouseCall 20180530
Trustlook 20180530
VBA32 20180529
VIPRE 20180530
ViRobot 20180530
Yandex 20180529
Zillya 20180530
ZoneAlarm by Check Point 20180530
Zoner 20180530
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright © Microsoft Corporation. All rights reserved.
Product Microsoft® Visual Studio® 2015
Original name MFC140DEU.DLL
Internal name MFC140DEU.DLL
File version 14.0.23026.0 built by: WCSETUP
Description MFC Language Specific Resources
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2028-12-25 04:27:37
Entry Point 0x00028B0C
Number of sections 5
PE sections
PE imports
CM_Get_Class_Name_ExW
CM_Free_Resource_Conflict_Handle
CertOpenStore
GetObjectType
GetCurrentProcess
ReleaseMutex
OpenEventW
GetConsoleCP
ScrollConsoleScreenBufferA
ClearCommBreak
CopyFileA
FlsGetValue
FreeConsole
FindFirstFileNameTransactedW
FlsFree
SetDynamicTimeZoneInformation
NetShareDel
VarCyFix
VarUdateFromDate
I_RpcServerUseProtseqEp2W
RpcStringFreeA
SetupDiInstallClassW
PathCompactPathExW
GetGUIThreadInfo
GetMenuBarInfo
GetUpdatedClipboardFormats
SetScrollInfo
ChangeMenuA
midiStreamPosition
midiInReset
Ord(30)
vprintf
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
GERMAN 1
PE resources
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
12.165

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
14.0.23026.0

LanguageCode
German

FileFlagsMask
0x003f

FileDescription
MFC Language Specific Resources

ImageFileCharacteristics
No relocs, Executable, 32-bit, System file

CharacterSet
Unicode

InitializedDataSize
28672

EntryPoint
0x28b0c

OriginalFileName
MFC140DEU.DLL

MIMEType
application/octet-stream

LegalCopyright
Microsoft Corporation. All rights reserved.

FileVersion
14.0.23026.0 built by: WCSETUP

TimeStamp
2028:12:25 05:27:37+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
MFC140DEU.DLL

ProductVersion
14.0.23026.0

SubsystemVersion
5.0

OSVersion
5.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Microsoft Corporation

CodeSize
0

ProductName
Microsoft Visual Studio 2015

ProductVersionNumber
14.0.23026.0

FileTypeExtension
exe

ObjectFileType
Dynamic link library

Compressed bundles
File identification
MD5 4f5f4ee6557715335e02c83729fd62b2
SHA1 52c333248e9828baff9a5a7b2f9c1e14632fc035
SHA256 d043917cd1cc352bc49e541b0960a15efa6f26bf05179e5503596b119327179a
ssdeep 1536:T3YbEvHLiB4yGSQumEPhOUIGWBv2e3MSM66vrVkm4k0+0SFF+:kbEvHjLzaOUIG+ee8JOW0+0CF
authentihash 759b864d5aaaef42486aab47ebc5d6d19c886077fbb24c3e44ae12578d308c9e
imphash c51989bc3ab3056dd72ac58930eb374c
File size 192.0 KB ( 196608 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit system file
TrID OS/2 Executable (generic) (33.6%)
Generic Win/DOS Executable (33.1%)
DOS Executable Generic (33.1%)
Tags peexe
VirusTotal metadata
First submission 2018-05-30 11:24:01 UTC ( 8 months, 3 weeks ago )
Last submission 2018-06-21 01:40:01 UTC ( 8 months ago )
File names codexgigas_52c333248e9828baff9a5a7b2f9c1e14632fc035
YCC1KLC8Q.EXE
MFC140DEU.DLL