SHA256: db9b2353a497a591c76d257390e984ed4e2e302a450ee55b1d33bd3ef76d3e1f
File name: d919668b29eb88b6a530eec0406aa743.virus
Detection ratio: 35 / 68
Analysis date: 2018-10-10 01:29:34 UTC ( 6 months, 2 weeks ago )
Antivirus Result Update
Ad-Aware Trojan.Emotet.KC 20181009
AhnLab-V3 Trojan/Win32.Emotet.R238622 20181009
ALYac Trojan.Emotet.KC 20181009
Arcabit Trojan.Emotet.KC 20181009
Avast Win32:TrojanX-gen [Trj] 20181009
AVG Win32:TrojanX-gen [Trj] 20181009
BitDefender Trojan.Emotet.KC 20181009
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180723
Cybereason malicious.b29eb8 20180225
Cylance Unsafe 20181010
Cyren W32/Trojan.XTEF-6485 20181009
DrWeb Trojan.Gozi.344 20181009
Emsisoft Trojan.Agent (A) 20181009
Endgame malicious (high confidence) 20180730
ESET-NOD32 Win32/Spy.Ursnif.BP 20181009
F-Prot W32/Trojan2.PYXG 20181009
F-Secure Trojan.Emotet.KC 20181009
Fortinet W32/GenKryptik.CMYY!tr 20181009
GData Trojan.Emotet.KC 20181009
Sophos ML heuristic 20180717
K7AntiVirus Trojan ( 0053e1681 ) 20181009
K7GW Trojan ( 0053e1681 ) 20181009
Malwarebytes Trojan.Emotet 20181009
MAX malware (ai score=87) 20181010
McAfee Emotet-FJG!D919668B29EB 20181009
McAfee-GW-Edition Emotet-FJG!D919668B29EB 20181009
Microsoft Trojan:Win32/Emotet.AP 20181009
eScan Trojan.Emotet.KC 20181009
Panda Trj/GdSda.A 20181009
Qihoo-360 HEUR/QVM20.1.6BE1.Malware.Gen 20181010
Sophos AV Mal/EncPk-ANY 20181009
Symantec ML.Attribute.HighConfidence 20181009
VBA32 Trojan.Gozi 20181009
Webroot W32.Trojan.Gen 20181010
ZoneAlarm by Check Point UDS:DangerousObject.Multi.Generic 20181009
AegisLab 20181009
Alibaba 20180921
Antiy-AVL 20181009
Avast-Mobile 20181009
Avira (no cloud) 20181009
AVware 20180925
Babable 20180918
Baidu 20181009
Bkav 20181009
CAT-QuickHeal 20181008
ClamAV 20181009
CMC 20181009
Comodo 20181009
eGambit 20181010
Ikarus 20181009
Jiangmin 20181009
Kaspersky 20181009
Kingsoft 20181010
NANO-Antivirus 20181009
Palo Alto Networks (Known Signatures) 20181010
Rising 20181009
SentinelOne (Static ML) 20180926
SUPERAntiSpyware 20181006
Symantec Mobile Insight 20181001
TACHYON 20181009
Tencent 20181010
TheHacker 20181008
TotalDefense 20181009
TrendMicro 20181009
TrendMicro-HouseCall 20181009
Trustlook 20181010
ViRobot 20181009
Yandex 20181008
Zillya 20181009
Zoner 20181008
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright © Microsoft Corporation. All rights reserved.
Product Microsoft® .NET Framework
Original name aspnet_counters.dll
Internal name aspnet_counters.dll
File version 4.0.30319.34209 built by: FX452RTMGDR
Description Microsoft ASP.NET Performance Counter Shim DLL
Comments Flavor=Retail
Signature verification The digital signature of the object did not verify.
Signing date 11:13 PM 2/23/2019
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2008-07-15 17:43:11
Entry Point 0x000026D0
Number of sections 10
PE sections
Overlays
MD5 760266e33055fe13f053f9e76058e3d0
File type data
Offset 196608
Size 5568
Entropy 7.42
PE imports
CryptDeriveKey
RegSetKeySecurity
RegQueryInfoKeyA
AdjustTokenGroups
LocaleNameToLCID
EnumSystemCodePagesW
GetPrivateProfileSectionNamesA
SetCurrentConsoleFontEx
CompareStringA
FindFirstFileExW
TzSpecificLocalTimeToSystemTime
DsListSitesW
SafeArrayDestroyDescriptor
CreateTypeLib2
I_RpcFreeBuffer
SetupDiOpenDeviceInfoW
SetupDiSetSelectedDevice
StrChrNW
PathIsUNCA
SetUserObjectInformationW
OffsetRect
midiOutCacheDrumPatches
Ord(30)
isdigit
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
SubsystemVersion 5.1
Comments Flavor=Retail
InitializedDataSize 18176
ImageVersion 5.1
ProductName Microsoft .NET Framework
FileVersionNumber 4.0.30319.34209
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
ImageFileCharacteristics No relocs, Executable, No line numbers, No symbols, 32-bit
CharacterSet Unicode
LinkerVersion 7.0
PrivateBuild DDBLD354
FileTypeExtension exe
OriginalFileName aspnet_counters.dll
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 4.0.30319.34209 built by: FX452RTMGDR
TimeStamp 2008:07:15 19:43:11+02:00
FileType Win32 EXE
PEType PE32
InternalName aspnet_counters.dll
ProductVersion 4.0.30319.34209
FileDescription Microsoft ASP.NET Performance Counter Shim DLL
OSVersion 5.1
FileOS Win32
LegalCopyright Microsoft Corporation. All rights reserved.
MachineType Intel 386 or later, and compatibles
CompanyName Microsoft Corporation
CodeSize 359936
FileSubtype 0
ProductVersionNumber 4.0.30319.34209
EntryPoint 0x26d0
ObjectFileType Dynamic link library

File identification
MD5 d919668b29eb88b6a530eec0406aa743
SHA1 750314272ae699a52d19d0b7c0a61403b810e122
SHA256 db9b2353a497a591c76d257390e984ed4e2e302a450ee55b1d33bd3ef76d3e1f
ssdeep 1536:H8IEfS0kN1aexFEgY8jHhbQRfwBfO/Zl4thddkaW/7qCFrgfnvr+ESOkiT:b+IjHhbQRfws/ydjufpgfnT+tO7

authentihash 531f18f3f4410fb1dbb8bf48f453a14ff187ffe5704ece5e060eb47edd7d6e10
imphash d57fd27bb594bd0cdf4d94ea07822435
File size 197.4 KB ( 202176 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags peexe overlay

VirusTotal metadata
First submission 2018-10-10 01:29:34 UTC ( 6 months, 2 weeks ago )
Last submission 2018-10-10 01:29:34 UTC ( 6 months, 2 weeks ago )
File names d919668b29eb88b6a530eec0406aa743.virus
aspnet_counters.dll