SHA256: dc3f730e7560b4221e7f12927e6c59d1912d299993a1cd216ad1d93e84c60dca
File name: b6mBGiNb0wHh3W.exe
Detection ratio: 52 / 70
Analysis date: 2018-11-29 03:12:10 UTC ( 2 months, 2 weeks ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.40659959 20181129
AhnLab-V3 Trojan/Win32.Emotet.R241774 20181128
ALYac Trojan.GenericKD.40659959 20181129
Antiy-AVL Trojan[Banker]/Win32.Emotet 20181128
Arcabit Trojan.Generic.D26C6BF7 20181129
Avast Win32:MalwareX-gen [Trj] 20181129
AVG Win32:MalwareX-gen [Trj] 20181129
Avira (no cloud) TR/Crypt.ZPACK.Gen2 20181129
BitDefender Trojan.GenericKD.40659959 20181129
Bkav HW32.Packed. 20181128
CAT-QuickHeal Trojan.IGENERIC 20181128
ClamAV Win.Trojan.Emotet-6748801-0 20181128
Comodo Malware@#2s60bxm0sccbg 20181128
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20181022
Cybereason malicious.db9167 20180225
Cylance Unsafe 20181129
Cyren W32/Trojan.WMLH-2352 20181129
Emsisoft Trojan.GenericKD.40659959 (B) 20181129
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of Win32/Kryptik.GMDC 20181129
F-Secure Trojan.GenericKD.40659959 20181129
Fortinet W32/Kryptik.GMDC!tr 20181129
GData Trojan.GenericKD.40659959 20181129
Ikarus Trojan.Win32.Crypt 20181128
Sophos ML heuristic 20181128
K7AntiVirus Riskware ( 0040eff71 ) 20181129
K7GW Riskware ( 0040eff71 ) 20181128
Kaspersky Trojan-Banker.Win32.Emotet.blfu 20181129
Malwarebytes Trojan.Emotet 20181129
MAX malware (ai score=100) 20181129
McAfee RDN/Generic.grp 20181129
McAfee-GW-Edition BehavesLike.Win32.Emotet.cc 20181128
Microsoft Trojan:Win32/Emotet.AC!bit 20181129
eScan Trojan.GenericKD.40659959 20181129
NANO-Antivirus Trojan.Win32.Kryptik.fjvppt 20181129
Palo Alto Networks (Known Signatures) generic.ml 20181129
Panda Trj/Genetic.gen 20181128
Qihoo-360 Win32/Trojan.d44 20181129
Rising Trojan.Crypto!8.364 (CLOUD) 20181129
SentinelOne (Static ML) static engine - malicious 20181011
Sophos AV Mal/EncPk-ANY 20181129
Symantec Trojan.Emotet 20181128
Tencent Win32.Trojan-banker.Emotet.Chh 20181129
Trapmine malicious.moderate.ml.score 20181126
TrendMicro TROJ_GEN.R00AC0CK118 20181128
TrendMicro-HouseCall TrojanSpy.Win32.EMOTET.SMDS.hp 20181129
VBA32 BScope.Trojan.Refinka 20181128
VIPRE Trojan.Win32.Generic!BT 20181129
ViRobot Trojan.Win32.Z.Encpk.135168.A 20181128
Webroot W32.Trojan.Emotet 20181129
Zillya Trojan.Emotet.Win32.6973 20181128
ZoneAlarm by Check Point Trojan-Banker.Win32.Emotet.blfu 20181129
AegisLab 20181129
Alibaba 20180921
Avast-Mobile 20181128
Babable 20180918
Baidu 20181128
CMC 20181128
DrWeb 20181129
eGambit 20181129
F-Prot 20181129
Jiangmin 20181129
Kingsoft 20181129
SUPERAntiSpyware 20181128
Symantec Mobile Insight 20181121
TACHYON 20181129
TheHacker 20181126
TotalDefense 20181128
Trustlook 20181129
Yandex 20181128
Zoner 20181129
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright © Microsoft Corporation. All r
Product LegDllView
Original name LegDllView.exe
Internal name LegDllView
File version 1.14
Description LegDllView
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-07-27 17:30:04
Entry Point 0x00004100
Number of sections 6
PE sections
PE imports
CryptContextAddRef
FreeEncryptionCertificateHashList
CryptSIPRetrieveSubjectGuidForCatalogFile
CryptVerifyMessageSignature
CertVerifySubjectCertificateContext
PlayEnhMetaFileRecord
DeleteEnhMetaFile
InvertRgn
GetCurrentObject
SetPixelFormat
CreateRoundRectRgn
ImmGetIMEFileNameW
GetThreadUILanguage
GetCommandLineW
BackupWrite
GetDiskFreeSpaceExW
GetTickCount
CloseHandle
IsProcessorFeaturePresent
DeleteFileW
GetThreadTimes
GetNumberOfConsoleMouseButtons
CopyFileExW
SystemTimeToTzSpecificLocalTime
GetCurrentThread
ICCompressorFree
IsPwrHibernateAllowed
RpcServerUseAllProtseqsIf
RpcStringBindingParseA
SetupOpenFileQueue
SetupCreateDiskSpaceListW
FindExecutableA
ExtractAssociatedIconW
EnumerateSecurityPackagesW
GetCaretBlinkTime
GetClipCursor
InsertMenuItemW
DdeConnectList
KillTimer
DrawMenuBar
ToAsciiEx
GetSysColor
PostThreadMessageA
VerQueryValueW
InternetAutodial
HttpEndRequestA
midiStreamOut
SetFormW
CoFileTimeToDosDateTime
GetConvertStg
Number of PE resources by type
RT_STRING 4
RT_VERSION 1
Number of PE resources by language
NORWEGIAN BOKMAL 5
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize 0
LinkerVersion 12.0
ImageVersion 0.1
FileSubtype 0
FileVersionNumber 1.6.0.0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription LegDllView
ImageFileCharacteristics Executable, 32-bit
CharacterSet Unicode
InitializedDataSize 151552
EntryPoint 0x4100
OriginalFileName LegDllView.exe
MIMEType application/octet-stream
LegalCopyright Microsoft Corporation. All r
FileVersion 1.14
TimeStamp 2013:07:27 18:30:04+01:00
FileType Win32 EXE
PEType PE32
InternalName LegDllView
ProductVersion 6.1
SubsystemVersion 5.0
OSVersion 6.0
FileOS Windows NT 32-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName JimSoft
CodeSize 16384
ProductName LegDllView
ProductVersionNumber 1.6.0.0
FileTypeExtension exe
ObjectFileType Executable application

File identification
MD5 0065d3f47debba2ca427e4f7d31fbcb2
SHA1 18f1502db91677ec7ec18acc9ab4e0fd05fd3f2e
SHA256 dc3f730e7560b4221e7f12927e6c59d1912d299993a1cd216ad1d93e84c60dca
ssdeep 3072:TlIOC24PzQClV1VzptPT6TJz6T9uCxoNsxKj9hjVyz0:TlIfbQMXeTJz48GkLj
authentihash ccbbb6cad46adce43f78583d854084e48986df893806e544c9519ec81cfea5e5
imphash 00bfdaf3817ab86d689e7600883aea4b
File size 132.0 KB ( 135168 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags peexe
VirusTotal metadata
First submission 2018-10-29 14:53:16 UTC ( 3 months, 2 weeks ago )
Last submission 2018-10-29 14:53:16 UTC ( 3 months, 2 weeks ago )
File names b6mBGiNb0wHh3W.exe
LegDllView
LegDllView.exe