× Cookies are disabled! This site requires cookies to be enabled to work properly
VirusTotal
SHA256: d686e0ad6b9b0d5de93c745a8c135cbdbaa5e32d826832d388eb386f77a04026
File name: zbetcheckin_
Detection ratio: 17 / 67
Analysis date: 2018-08-10 23:28:13 UTC ( 3 months, 1 week ago ) View latest
Antivirus Result Update
Avast FileRepMalware 20180810
AVG FileRepMalware 20180810
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20180810
CAT-QuickHeal Trojan.Emotet.X4 20180810
CrowdStrike Falcon (ML) malicious_confidence_90% (D) 20180723
Endgame malicious (high confidence) 20180730
ESET-NOD32 a variant of Win32/GenKryptik.CHTY 20180810
Sophos ML heuristic 20180717
K7GW Hacktool ( 700007861 ) 20180810
Malwarebytes Trojan.Emotet 20180810
McAfee-GW-Edition BehavesLike.Win32.Generic.ch 20180810
Microsoft Trojan:Win32/Emotet.AC!bit 20180810
Palo Alto Networks (Known Signatures) generic.ml 20180811
Qihoo-360 HEUR/QVM20.1.1971.Malware.Gen 20180811
Rising Trojan.Cloxer!8.F54F (TFE:dGZlOgG9KVVVw9Y+ew) 20180810
Symantec ML.Attribute.HighConfidence 20180810
Webroot W32.Trojan.Emotet 20180811
Ad-Aware 20180810
AegisLab 20180810
AhnLab-V3 20180810
Alibaba 20180713
ALYac 20180810
Antiy-AVL 20180810
Arcabit 20180811
Avast-Mobile 20180810
Avira (no cloud) 20180810
AVware 20180810
Babable 20180725
BitDefender 20180811
Bkav 20180810
ClamAV 20180810
CMC 20180810
Comodo 20180810
Cybereason 20180225
Cyren 20180811
DrWeb 20180810
eGambit 20180811
Emsisoft 20180811
F-Prot 20180811
F-Secure 20180811
Fortinet 20180810
GData 20180811
Ikarus 20180810
Jiangmin 20180810
K7AntiVirus 20180810
Kaspersky 20180810
Kingsoft 20180811
MAX 20180811
McAfee 20180810
eScan 20180810
NANO-Antivirus 20180810
Panda 20180810
SentinelOne (Static ML) 20180701
Sophos AV 20180810
SUPERAntiSpyware 20180810
Symantec Mobile Insight 20180809
TACHYON 20180810
Tencent 20180811
TheHacker 20180807
TotalDefense 20180810
TrendMicro 20180810
TrendMicro-HouseCall 20180810
Trustlook 20180811
VBA32 20180810
VIPRE 20180810
ViRobot 20180810
Yandex 20180810
Zillya 20180810
ZoneAlarm by Check Point 20180810
Zoner 20180810
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
© Microsoft Corporation. All rights reserved.

Description Unicode
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-08-11 06:17:34
Entry Point 0x0002BE48
Number of sections 5
PE sections
PE imports
[+] KERNEL32.dll
GetCommandLineA
FlsFree
FlsGetValue
GetTimeZoneInformation
[+] RASAPI32.dll
RasSetAutodialParamA
[+] USER32.dll
GetDesktopWindow
GetWindowThreadProcessId
GetInputState
[+] WinSCard.dll
SCardLocateCardsByATRA
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 1
ENGLISH US 1
PE resources
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
12.0

ImageVersion
0.0

FileVersionNumber
1.2.0.6

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
Unicode

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
17920

EntryPoint
0x2be48

MIMEType
application/octet-stream

Subsystem
Windows GUI

TimeStamp
2018:08:11 07:17:34+01:00

FileType
Win32 EXE

PEType
PE32

SubsystemVersion
5.0

OSVersion
5.0

FileOS
Win32

LegalCopyright
Microsoft Corporation. All rights reserved.

MachineType
Intel 386 or later, and compatibles

CodeSize
179712

FileSubtype
0

ProductVersionNumber
1.2.0.6

FileTypeExtension
exe

ObjectFileType
Dynamic link library

File identification
MD5 d6104e4d14dd1c94e3ee2d31498bb0ed
SHA1 a12c9a27f97e0ffec77d6a07cf861c0d301f360b
SHA256 d686e0ad6b9b0d5de93c745a8c135cbdbaa5e32d826832d388eb386f77a04026
ssdeep
1536:98smqNifkQZ1CFabjWPzDC5NgMLW6RoReE7lsDzbjJfY83KYRb/ubK6YOCu1:ashwHsAWPGgMK6RoReESjJfoiSbhN1

authentihash a216cf4629a59e526f100448c6a10f69d9f9ae909b67925fc942f508a6a1b7c7
imphash f542fb1dcaeb725b91b4523ec919b113
File size 189.0 KB ( 193536 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable (generic) (42.7%)
OS/2 Executable (generic) (19.2%)
Generic Win/DOS Executable (18.9%)
DOS Executable Generic (18.9%)
Tags
peexe

VirusTotal metadata
First submission 2018-08-10 23:28:13 UTC ( 3 months, 1 week ago )
Last submission 2018-08-10 23:28:13 UTC ( 3 months, 1 week ago )
File names 49975031.exe
60880.exe
8338089.exe
zbetcheckin_
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!
More comments

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

Sign in Join the community
No votes. No one has voted on this item yet, be the first one to do so!
More votes
Blog | Twitter | Contact us | ToS | Privacy policy