× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: d5947690f0621e1548dd165054dbe8e52d0435faa8f9d401f99f693d7cc83269
File name: d5947690f0621e1548dd165054dbe8e52d0435faa8f9d401f99f693d7cc83269
Detection ratio: 20 / 67
Analysis date: 2018-06-28 19:32:39 UTC ( 7 months, 3 weeks ago ) View latest
Antivirus Result Update
AegisLab Packer.Generic!c 20180628
Avast FileRepMalware 20180628
AVG FileRepMalware 20180628
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20180628
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20180530
Cybereason malicious.cdd7a5 20180225
Cylance Unsafe 20180628
Endgame malicious (high confidence) 20180612
Sophos ML heuristic 20180601
Kaspersky UDS:DangerousObject.Multi.Generic 20180628
MAX malware (ai score=91) 20180628
McAfee Artemis!BFAD19928609 20180628
McAfee-GW-Edition BehavesLike.Win32.Swrort.ch 20180628
Palo Alto Networks (Known Signatures) generic.ml 20180628
SentinelOne (Static ML) static engine - malicious 20180618
SUPERAntiSpyware Trojan.Agent/Gen-FalDesc 20180628
Symantec Packed.Generic.517 20180628
VBA32 Malware-Cryptor.Limpopo 20180628
Webroot W32.Trojan.Emotet 20180628
ZoneAlarm by Check Point UDS:DangerousObject.Multi.Generic 20180628
Ad-Aware 20180628
AhnLab-V3 20180628
Alibaba 20180628
ALYac 20180628
Antiy-AVL 20180628
Arcabit 20180628
Avast-Mobile 20180628
Avira (no cloud) 20180628
AVware 20180628
Babable 20180406
BitDefender 20180628
Bkav 20180628
CAT-QuickHeal 20180628
ClamAV 20180628
CMC 20180628
Comodo 20180628
Cyren 20180628
DrWeb 20180628
eGambit 20180628
Emsisoft 20180628
ESET-NOD32 20180628
F-Prot 20180628
F-Secure 20180628
Fortinet 20180628
GData 20180628
Ikarus 20180628
Jiangmin 20180628
K7AntiVirus 20180628
K7GW 20180628
Kingsoft 20180628
Malwarebytes 20180628
Microsoft 20180628
eScan 20180628
NANO-Antivirus 20180628
Panda 20180628
Qihoo-360 20180628
Rising 20180628
Sophos AV 20180628
Symantec Mobile Insight 20180626
TACHYON 20180628
Tencent 20180628
TheHacker 20180628
TrendMicro 20180628
TrendMicro-HouseCall 20180628
Trustlook 20180628
VIPRE 20180628
ViRobot 20180628
Yandex 20180628
Zillya 20180627
Zoner 20180627
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copy

Product CPUID Hardware Monitor
Original name HWMonitor.exe
File version 1, 3, 5, 0
Description Microsof
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-06-28 15:33:01
Entry Point 0x0000150C
Number of sections 4
PE sections
PE imports
RegEnableReflectionKey
WriteEncryptedFileRaw
InitializeSecurityDescriptor
SelectClipPath
CreateDiscardableBitmap
SetRectRgn
DisconnectNamedPipe
SetThreadPreferredUILanguages
SetCurrentConsoleFontEx
SetTimeZoneInformation
LoadLibraryW
ConvertFiberToThread
SetFileApisToOEM
LocalFileTimeToFileTime
FindAtomA
CloseHandle
GetCommandLineA
FindVolumeMountPointClose
CreateConsoleScreenBuffer
FindFirstFileNameW
UnRegisterTypeLib
RasHangUpA
UrlCompareW
GetMenuPosFromID
DlgDirListW
GetLastInputInfo
LockWorkStation
GetMenuInfo
GetWindowRect
MessageBoxIndirectA
RegisterHotKey
DrawIconEx
LoadCursorFromFileA
GetScrollPos
TileWindows
WindowFromPoint
GetWindowModuleFileNameW
SetCursor
SetForegroundWindow
GetDlgItemTextW
CharNextW
GetKeyState
fwrite
fprintf
putc
toupper
Number of PE resources by type
RT_STRING 25
RT_DIALOG 3
RT_BITMAP 2
RT_ACCELERATOR 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 31
FRENCH 1
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2018:06:28 15:33:01+00:00

FileType
Win32 EXE

PEType
PE32

CodeSize
24576

LinkerVersion
10.0

ImageFileCharacteristics
No relocs, Executable, 32-bit

EntryPoint
0x150c

InitializedDataSize
65536

SubsystemVersion
5.0

ImageVersion
0.0

OSVersion
4.0

UninitializedDataSize
0

File identification
MD5 bfad199286099bbb4f9089aa36652c7a
SHA1 44c9d25cdd7a5feb2b3ff8ad98cb590d4e0abece
SHA256 d5947690f0621e1548dd165054dbe8e52d0435faa8f9d401f99f693d7cc83269
ssdeep
3072:yzyDykfVpWbHH839YfQAHnGD8LKa+OBYsaoRUMzT:yzyDL88jaGD8JH2X

authentihash ae63bb685f3f6e3ff0916ab61c9b981b2f1d1670bc36a60cca92b9fad07e37b8
imphash ee20d6861a11f0f73ac27d2e9a168032
File size 108.0 KB ( 110592 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe

VirusTotal metadata
First submission 2018-06-28 16:03:03 UTC ( 7 months, 3 weeks ago )
Last submission 2018-06-29 21:51:27 UTC ( 7 months, 3 weeks ago )
File names 83012760764.exe
267101874823.exe
405515686287.exe
HWMonitor.exe
wmistrsls.exe
021718337649.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!