SHA256: d750a624cc463790d59047c70a33995413e427bb4ba5f34bc15a6d90e724c46a
File name: hzHX.exe
Detection ratio: 39 / 67
Analysis date: 2018-10-19 17:54:04 UTC ( 4 months ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.40621169 20181019
ALYac Trojan.Agent.Emotet 20181019
Antiy-AVL Trojan/Win32.Azden 20181019
Arcabit Trojan.Generic.D26BD471 20181019
Avast Win32:Malware-gen 20181019
AVG Win32:Malware-gen 20181019
BitDefender Trojan.GenericKD.40621169 20181019
CAT-QuickHeal Trojan.Emotet.X4 20181018
ClamAV Win.Trojan.Emotet-6707392-0 20181019
CrowdStrike Falcon (ML) malicious_confidence_90% (D) 20180723
Cylance Unsafe 20181019
Cyren W32/Trojan.XGHJ-0023 20181019
Emsisoft Trojan.GenericKD.40621169 (B) 20181019
Endgame malicious (high confidence) 20180730
ESET-NOD32 a variant of Win32/Kryptik.GLTP 20181019
F-Secure Trojan.GenericKD.40621169 20181019
Fortinet W32/GenKryptik.COJU!tr 20181019
GData Trojan.GenericKD.40621169 20181019
Ikarus Trojan.Win32.Krypt 20181019
Sophos ML heuristic 20180717
K7AntiVirus Trojan ( 0053c2ba1 ) 20181019
K7GW Trojan ( 0053c2ba1 ) 20181019
Kaspersky Trojan-Banker.Win32.Emotet.bjdw 20181019
Malwarebytes Trojan.Emotet 20181019
MAX malware (ai score=100) 20181019
McAfee Emotet-FIB!2E7CCC3CCC43 20181019
McAfee-GW-Edition Emotet-FIB!2E7CCC3CCC43 20181019
Microsoft Trojan:Win32/Occamy.C 20181019
eScan Trojan.GenericKD.40621169 20181019
Palo Alto Networks (Known Signatures) generic.ml 20181019
Panda Trj/Emotet.C 20181019
Qihoo-360 HEUR/QVM20.1.984C.Malware.Gen 20181019
Sophos AV Mal/Generic-S 20181019
Symantec Trojan.Emotet 20181019
TACHYON Banker/W32.Emotet.497152 20181019
Tencent Win32.Trojan-banker.Emotet.Htwm 20181019
ViRobot Trojan.Win32.Z.Emotet.497152 20181019
Webroot W32.Trojan.Emotet 20181019
ZoneAlarm by Check Point Trojan-Banker.Win32.Emotet.bjdw 20181019
AegisLab 20181019
AhnLab-V3 20181019
Avast-Mobile 20181019
Avira (no cloud) 20181019
Babable 20180918
Baidu 20181019
Bkav 20181019
CMC 20181019
Cybereason 20180225
DrWeb 20181019
eGambit 20181019
F-Prot 20181019
Jiangmin 20181019
Kingsoft 20181019
NANO-Antivirus 20181019
Rising 20181019
SentinelOne (Static ML) 20181011
SUPERAntiSpyware 20181015
Symantec Mobile Insight 20181001
TheHacker 20181018
TotalDefense 20181018
TrendMicro 20181019
TrendMicro-HouseCall 20181019
Trustlook 20181019
VBA32 20181019
VIPRE 20181019
Yandex 20181018
Zillya 20181019
Zoner 20181018
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright © 1998-2005 Hauppauge Computer Works

Product HCWTVWND
Original name HCWTVWND.dll
Internal name HCWTVWND
File version 3, 01, 24111 PCI-USB DVBT/S PVR
Description HCWTVWND PCI-USB DVBT/S PVR
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-10-17 23:00:21
Entry Point 0x0007435F
Number of sections 5
PE sections
PE imports
SetSecurityDescriptorControl
ClusterRegDeleteValue
GdiSetBatchLimit
FillRgn
GetTickCount64
SetThreadPriority
OpenWaitableTimerW
IsProcessInJob
Wow64SetThreadContext
GetModuleHandleW
GetBinaryTypeA
GetCurrentThread
UnhookWinEvent
IsZoomed
SetDoubleClickTime
UnpackDDElParam
GetFocus
GetNextDlgTabItem
SCardGetProviderIdA
rand
strlen
MonikerRelativePathTo
CoRegisterClassObject
Number of PE resources by type
RT_DIALOG 3
RT_VERSION 1
Number of PE resources by language
ENGLISH US 4
PE resources
ExifTool file metadata
UninitializedDataSize 4294967295
LinkerVersion 12.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 3.1.24111.0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription HCWTVWND PCI-USB DVBT/S PVR
ImageFileCharacteristics Executable, 32-bit
CharacterSet Unicode
InitializedDataSize 25088
EntryPoint 0x7435f
OriginalFileName HCWTVWND.dll
MIMEType application/octet-stream
LegalCopyright Copyright 1998-2005 Hauppauge Computer Works
FileVersion 3, 01, 24111 PCI-USB DVBT/S PVR
TimeStamp 2018:10:17 16:00:21-07:00
FileType Win32 EXE
PEType PE32
InternalName HCWTVWND
ProductVersion 3, 01, 24111 PCI-USB DVBT/S PVR
SubsystemVersion 5.0
OSVersion 5.0
FileOS Windows NT 32-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Hauppauge Computer Works
CodeSize 476672
ProductName HCWTVWND
ProductVersionNumber 3.1.24111.0
FileTypeExtension exe
ObjectFileType Dynamic link library

File identification
MD5 2e7ccc3ccc436c8065ac9a0cd95413cd
SHA1 ff0bc5a4096d1e73d6c3a08178c7521a40f1330b
SHA256 d750a624cc463790d59047c70a33995413e427bb4ba5f34bc15a6d90e724c46a
ssdeep 3072:hdkIGDEnWNjglu8qZVH9kdY8LVfSpiQ6n:hdkIGBd8q7H2dY8LVfS

authentihash c50d772492a66c680d3d405baaa0e38f3c4ea023fab7b9c9c362e49167dfda8b
imphash bb26fbe157f654e948f827375945a308
File size 485.5 KB ( 497152 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID OS/2 Executable (generic) (25.2%)
Clipper DOS Executable (25.0%)
Generic Win/DOS Executable (24.8%)
DOS Executable Generic (24.8%)
Tags peexe

VirusTotal metadata
First submission 2018-10-17 23:07:22 UTC ( 4 months ago )
Last submission 2018-10-17 23:07:22 UTC ( 4 months ago )
File names hzHX.exe
HCWTVWND
HCWTVWND.dll
Advanced heuristic and reputation engines