× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: ddc3c43354da32218c32511b9a38c9615aec94059b23817025a9ff61ca99d59e
File name: 19265944.exe
Detection ratio: 23 / 64
Analysis date: 2018-05-20 12:51:18 UTC ( 9 months ago ) View latest
Antivirus Result Update
AegisLab Uds.Dangerousobject.Multi!c 20180520
AVG FileRepMalware 20180520
Avira (no cloud) TR/Crypt.ZPACK.ulmop 20180520
Babable Malware.HighConfidence 20180406
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20180518
Bkav HW32.Packed.B30B 20180518
Comodo CloudScanner.Trojan.Gen 20180520
Cylance Unsafe 20180520
Endgame malicious (high confidence) 20180507
ESET-NOD32 a variant of Generik.HCTWUAQ 20180520
Fortinet W32/Kryptik.GGRP!tr 20180520
Sophos ML heuristic 20180504
Kaspersky UDS:DangerousObject.Multi.Generic 20180520
MAX malware (ai score=95) 20180520
McAfee Artemis!9FCF1EF30989 20180520
McAfee-GW-Edition BehavesLike.Win32.Backdoor.cc 20180520
Palo Alto Networks (Known Signatures) generic.ml 20180520
Qihoo-360 HEUR/QVM20.1.48CC.Malware.Gen 20180520
SentinelOne (Static ML) static engine - malicious 20180225
Sophos AV Mal/Generic-S 20180520
Symantec ML.Attribute.HighConfidence 20180519
Webroot W32.Trojan.Emotet 20180520
ZoneAlarm by Check Point UDS:DangerousObject.Multi.Generic 20180520
Ad-Aware 20180520
AhnLab-V3 20180520
Alibaba 20180518
ALYac 20180520
Antiy-AVL 20180520
Arcabit 20180520
Avast 20180520
Avast-Mobile 20180520
AVware 20180520
BitDefender 20180520
CAT-QuickHeal 20180520
CMC 20180520
CrowdStrike Falcon (ML) 20180202
Cybereason None
Cyren 20180520
DrWeb 20180520
eGambit 20180520
Emsisoft 20180520
F-Prot 20180520
F-Secure 20180520
GData 20180520
Jiangmin 20180520
K7AntiVirus 20180520
K7GW 20180520
Kingsoft 20180520
Malwarebytes 20180520
Microsoft 20180520
eScan 20180520
NANO-Antivirus 20180520
nProtect 20180520
Panda 20180520
Rising 20180520
SUPERAntiSpyware 20180520
Symantec Mobile Insight 20180519
Tencent 20180520
TheHacker 20180516
TotalDefense 20180520
TrendMicro 20180520
TrendMicro-HouseCall 20180520
Trustlook 20180520
VBA32 20180518
VIPRE 20180520
ViRobot 20180520
Yandex 20180518
Zillya 20180519
Zoner 20180520
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-05-20 07:30:36
Entry Point 0x000014CE
Number of sections 8
PE sections
PE imports
RegDeleteKeyW
JetCloseDatabase
RoundRect
GetRasterizerCaps
GetCharWidth32A
FindCloseChangeNotification
GetUserDefaultLangID
IsSystemResumeAutomatic
GetWindowsDirectoryA
lstrcmpiW
GetVersion
LPSAFEARRAY_UserMarshal
SetActivePwrScheme
RasHangUpW
SHIsLowMemoryMachine
PathCombineA
GetCursorPos
GetParent
DefDlgProcA
PostMessageA
ReleaseCapture
IsWindowVisible
ExcludeUpdateRgn
GetCursor
PostQuitMessage
GetKeyboardType
GetClipboardData
memset
WriteClassStm
Number of PE resources by type
RT_STRING 3
Number of PE resources by language
NEUTRAL 3
PE resources
Debug information
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2018:05:20 09:30:36+02:00

FileType
Win32 EXE

PEType
PE32

CodeSize
14848

LinkerVersion
12.1

ImageFileCharacteristics
Executable, 32-bit

EntryPoint
0x14ce

InitializedDataSize
139264

SubsystemVersion
5.0

ImageVersion
0.0

OSVersion
5.0

UninitializedDataSize
0

File identification
MD5 9fcf1ef3098902b1ced80efa7d992ab6
SHA1 e9fac060758fd73a66d06ee5b84af1d1defe79cc
SHA256 ddc3c43354da32218c32511b9a38c9615aec94059b23817025a9ff61ca99d59e
ssdeep
3072:Z9hHdQjBYSwD5sdE/APe35hw/wCKhmWyNiL9jlM2Kj:ZbHPSwD5V4Qs/w1CiL9M

authentihash 98bb038c0972f97afbc3de4360452c54e4bcce7056d4ab1ed67c287d33c4e8a3
imphash 7e506da6b30ed4f21c14b131a81901f6
File size 147.5 KB ( 151040 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe

VirusTotal metadata
First submission 2018-05-20 10:56:58 UTC ( 9 months ago )
Last submission 2018-05-28 17:50:54 UTC ( 8 months, 4 weeks ago )
File names 0680.exe
61982.exe
44026.exe
05882.exe
19265944.exe
18892.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Created processes
Opened mutexes
Runtime DLLs