SHA256: d29309c8f8dd1bbfd620936e16d2814894f76acad8df44e0e944e9283adf3420
File name: content
Detection ratio: 14 / 70
Analysis date: 2019-02-01 09:11:25 UTC ( 3 months, 2 weeks ago )
Antivirus Result Update
Acronis suspicious 20190130
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20181023
Cylance Unsafe 20190201
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of Win32/Kryptik.GPGC 20190131
Sophos ML heuristic 20181128
McAfee-GW-Edition BehavesLike.Win32.Virut.gm 20190131
Qihoo-360 HEUR/QVM19.1.EEED.Malware.Gen 20190201
Rising Trojan.Fuerboos!8.EFC8 (TFE:dGZlOgIJQotzArd04w) 20190131
Sophos AV Mal/Emotet-Q 20190131
Symantec Packed.Generic.534 20190131
Trapmine suspicious.low.ml.score 20190123
TrendMicro TrojanSpy.Win32.EMOTET.SMTHGB1.hp 20190131
TrendMicro-HouseCall TrojanSpy.Win32.EMOTET.SMTHGB1.hp 20190131
Ad-Aware 20190131
AegisLab 20190131
AhnLab-V3 20190131
Alibaba 20180921
Antiy-AVL 20190131
Arcabit 20190131
Avast 20190131
Avast-Mobile 20190131
AVG 20190131
Avira (no cloud) 20190131
Babable 20180917
Baidu 20190131
BitDefender 20190131
Bkav 20190130
CAT-QuickHeal 20190131
ClamAV 20190131
CMC 20190131
Comodo 20190131
Cybereason 20190109
Cyren 20190131
DrWeb 20190131
eGambit 20190201
Emsisoft 20190131
F-Prot 20190131
F-Secure 20190201
Fortinet 20190131
GData 20190131
Ikarus 20190131
Jiangmin 20190131
K7AntiVirus 20190131
K7GW 20190131
Kaspersky 20190131
Kingsoft 20190201
Malwarebytes 20190131
MAX 20190201
McAfee 20190131
Microsoft 20190131
eScan 20190131
NANO-Antivirus 20190131
Palo Alto Networks (Known Signatures) 20190201
Panda 20190131
SentinelOne (Static ML) 20190124
SUPERAntiSpyware 20190130
TACHYON 20190131
Tencent 20190201
TheHacker 20190131
TotalDefense 20190131
Trustlook 20190201
VBA32 20190131
VIPRE 20190131
ViRobot 20190131
Webroot 20190201
Yandex 20190128
Zillya 20190131
ZoneAlarm by Check Point 20190131
Zoner 20190131
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright © Microsoft Corporation. All rights reserved.
Product Microsoft® Windows Media Services
Original name mpg4dmod.dll
Internal name mpg4dmod.dll
File version 9.00.00.3250
Description Corona Windows Media MPEG-4 Video Decoder
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2019-02-01 17:07:36
Entry Point 0x0001CD3D
Number of sections 5
PE sections
PE imports
SetThreadToken
RegFlushKey
QueryUsersOnEncryptedFile
CryptVerifyDetachedMessageSignature
ExtSelectClipRgn
CopyMetaFileW
FormatMessageW
GetFileSizeEx
GetCPInfo
lstrcatA
GetProcessIdOfThread
GetConsoleMode
UnhandledExceptionFilter
GetLogicalDrives
GetModuleHandleW
FindFirstFileNameW
LZSeek
LZInit
DrawDibChangePalette
NetServerTransportAddEx
RasFreeEapUserIdentityW
SetupInitDefaultQueueCallback
CM_Set_DevNode_Registry_PropertyW
SetFocus
GetCursorPos
GetForegroundWindow
GetParent
IsIconic
UpdateWindow
DrawTextExW
EndDialog
RegisterClassExW
GetMessageW
DefWindowProcW
FindWindowW
PostQuitMessage
SetWinEventHook
ShowWindow
MessageBeep
CharUpperW
RegisterWindowMessageW
GetSystemMetrics
SetWindowLongW
MessageBoxW
GetUpdatedClipboardFormats
EnableWindow
SetWindowPlacement
CallWindowProcA
DialogBoxParamW
GetSystemMenu
ChildWindowFromPoint
TranslateMessage
GetFocus
PostMessageW
SetDlgItemTextW
DispatchMessageW
CreateWindowExW
CreateDialogParamW
ReleaseDC
SetScrollPos
GetDlgCtrlID
CheckMenuItem
SendMessageW
GetSubMenu
IsDialogMessageW
TranslateAcceleratorW
SendDlgItemMessageW
ShowOwnedPopups
WinHelpW
GetWindowPlacement
ShutdownBlockReasonCreate
CloseClipboard
SetWindowTextW
GetDlgItem
SetCursor
MoveWindow
EnableMenuItem
ScreenToClient
InvalidateRect
PeekMessageW
IsClipboardFormatAvailable
CharNextW
LoadImageW
LoadStringW
GetKeyboardLayout
UnhookWinEvent
GetClientRect
GetWindowTextW
SetActiveWindow
GetMenuState
CreateIconFromResource
LoadCursorW
LoadIconW
GetWindowTextLengthW
GetDC
LoadAcceleratorsW
GetWindowLongW
SetForegroundWindow
GetDlgItemTextW
DestroyWindow
GetAncestor
OpenClipboard
InternetSetStatusCallbackW
SCardListReadersW
RtlInitializeSListHead
HWND_UserSize
CoTaskMemAlloc
HGLOBAL_UserMarshal
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize 0
LinkerVersion 13.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 9.0.0.3250
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription Corona Windows Media MPEG-4 Video Decoder
ImageFileCharacteristics No relocs, Executable, 32-bit, System file
CharacterSet Unicode
InitializedDataSize 327680
EntryPoint 0x1cd3d
OriginalFileName mpg4dmod.dll
MIMEType application/octet-stream
LegalCopyright Microsoft Corporation. All rights reserved.
FileVersion 9.00.00.3250
TimeStamp 2019:02:01 18:07:36+01:00
FileType Win32 EXE
PEType PE32
InternalName mpg4dmod.dll
ProductVersion 9.00.00.3250
SubsystemVersion 5.0
OSVersion 5.0
FileOS Windows NT 32-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Microsoft Corporation
CodeSize 129024
ProductName Microsoft Windows Media Services
ProductVersionNumber 9.0.0.3250
FileTypeExtension exe
ObjectFileType Dynamic link library

File identification
MD5 88cabf6670d83cb69accb73ee4d8b28e
SHA1 46de42e746839fd2540630c8287c73048dd7bfb0
SHA256 d29309c8f8dd1bbfd620936e16d2814894f76acad8df44e0e944e9283adf3420
ssdeep
3072:byLiYWJlI+uLj6TEGKo1CGC+TdazrRhFOWBSN29EiXAnGccomj8NhVe3KqNeAhG8:DE5huN2scfko3TNe

authentihash 9c618d7ec576d7be76ac73269b70a0b54fc4c71cc8eef4ff0b6801fc169037fe
imphash 219fe4c553f04702a99d7f499e6b5265
File size 439.0 KB ( 449536 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit system file
TrID Win32 Dynamic Link Library (generic) (34.2%)
Win32 Executable (generic) (23.4%)
Win16/32 Executable Delphi generic (10.7%)
OS/2 Executable (generic) (10.5%)
Generic Win/DOS Executable (10.4%)
Tags peexe
VirusTotal metadata
First submission 2019-02-01 09:11:25 UTC ( 3 months, 2 weeks ago )
Last submission 2019-02-02 01:19:22 UTC ( 3 months, 2 weeks ago )
File names emotet_e2_d29309c8f8dd1bbfd620936e16d2814894f76acad8df44e0e944e9283adf3420_2019-02-01__091501.exe_
mpg4dmod.dll
content