× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: d9f027a108069bc29662d37a740fc10e95a7d934648395db8665f17055ccf983
File name: d9f027a108069bc29662d37a740fc10e95a7d934648395db8665f17055ccf983
Detection ratio: 15 / 70
Analysis date: 2018-11-29 04:41:19 UTC ( 2 months, 2 weeks ago ) View latest
Antivirus Result Update
CAT-QuickHeal Trojan.Emotet.X4 20181128
ClamAV Win.Trojan.Emotet-6748801-0 20181128
Comodo Obfuscated.GEN@1nk2dk 20181128
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20181022
Cylance Unsafe 20181129
Emsisoft Trojan.Emotet (A) 20181129
Endgame malicious (high confidence) 20181108
Fortinet W32/Kryptik.GNFC!tr 20181129
Microsoft Program:Win32/Unwaders.C!ml 20181129
Qihoo-360 HEUR/QVM20.1.8599.Malware.Gen 20181129
Rising Malware.Heuristic!ET#100% (RDM+:cmRtazq+O/8SvSxEVqme4NHd+Awr) 20181129
SentinelOne (Static ML) static engine - malicious 20181011
Symantec ML.Attribute.HighConfidence 20181129
Trapmine malicious.high.ml.score 20181126
Webroot W32.Trojan.Emotet 20181129
Ad-Aware 20181129
AegisLab 20181129
AhnLab-V3 20181128
Alibaba 20180921
ALYac 20181129
Antiy-AVL 20181128
Arcabit 20181129
Avast 20181129
Avast-Mobile 20181128
AVG 20181129
Avira (no cloud) 20181129
Babable 20180918
Baidu 20181128
BitDefender 20181129
Bkav 20181128
CMC 20181128
Cybereason 20180225
Cyren 20181129
DrWeb 20181129
eGambit 20181129
ESET-NOD32 20181129
F-Prot 20181129
F-Secure 20181129
GData 20181129
Ikarus 20181128
Sophos ML 20181128
Jiangmin 20181129
K7AntiVirus 20181129
K7GW 20181128
Kaspersky 20181129
Kingsoft 20181129
Malwarebytes 20181129
MAX 20181129
McAfee 20181129
McAfee-GW-Edition 20181129
eScan 20181129
NANO-Antivirus 20181129
Palo Alto Networks (Known Signatures) 20181129
Panda 20181128
Sophos AV 20181129
SUPERAntiSpyware 20181128
Symantec Mobile Insight 20181121
TACHYON 20181129
Tencent 20181129
TheHacker 20181126
TotalDefense 20181128
TrendMicro 20181129
TrendMicro-HouseCall 20181129
Trustlook 20181129
VBA32 20181128
VIPRE None
ViRobot 20181128
Yandex 20181128
Zillya 20181128
ZoneAlarm by Check Point 20181129
Zoner 20181129
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
© Microsoft Corporation

Product Microsoft®
Internal name securit
File version 3.00.
Description V
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-11-29 04:31:00
Entry Point 0x00063AE9
Number of sections 5
PE sections
PE imports
GetNamedPipeClientProcessId
GetModuleHandleA
GetTimeZoneInformation
LZSeek
DdeConnect
timeGetTime
CryptCATOpen
CoInvalidateRemoteMachineBindings
Number of PE resources by type
RT_STRING 5
RT_RCDATA 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 6
ENGLISH US 1
PE resources
ExifTool file metadata
SpecialBuild
[pre-release version: pre-alpha]

SubsystemVersion
5.0

LinkerVersion
12.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
8.0.0.0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
V

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Windows, Latin1

InitializedDataSize
53248

EntryPoint
0x63ae9

MIMEType
application/octet-stream

LegalCopyright
Microsoft Corporation

FileVersion
3.00.

TimeStamp
2018:11:29 05:31:00+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
securit

UninitializedDataSize
0

OSVersion
5.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
S Corpora

CodeSize
409600

ProductName
Microsoft

ProductVersionNumber
0.0.0.0

FileTypeExtension
exe

ObjectFileType
Dynamic link library

Execution parents
File identification
MD5 ff955481197a81403de372cf465ce1fb
SHA1 a3482a095520d809b0773d4069d47d7b46bf3496
SHA256 d9f027a108069bc29662d37a740fc10e95a7d934648395db8665f17055ccf983
ssdeep
3072:nrLzaX9KbLNmMy0ndT3yOZb4GqSbzqphhjXB93k:rH3L3dZ0ZSb+ph

authentihash 1df33ef51eb73d0aab39d3fdedd414802112da1fd2034d743af08d12095c2f4c
imphash ccff2a82d62c7ddb6a4cbc97149551bc
File size 448.0 KB ( 458752 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe

VirusTotal metadata
First submission 2018-11-29 04:41:19 UTC ( 2 months, 2 weeks ago )
Last submission 2019-01-22 09:16:26 UTC ( 3 weeks, 4 days ago )
File names 27AC7335.exe
051488.exe
24.exe
2341.exe
939795.exe
securit
strcompon.exe
854.exe
81026.exe
2424.exe
18681.exe
596.exe
8.exe
ff955481197a81403de372cf465ce1fb
shooterdsm(124).gxe
6638.exe
output.114591500.txt
1.exe
hT3jeKk8NMAc.exe
output.114592270.txt
0.exe
7263077.exe
244.exe
53.exe
ff955481197a81403de372cf465ce1fb
Advanced heuristic and reputation engines
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!