SHA256: ded7aacb74f2fcd5b923a2e7fb1ae5d3c097e202cda7da4f1140faf5acba0b6f
File name: Lc1m1aw6.exe
Detection ratio: 54 / 72
Analysis date: 2018-12-25 02:31:08 UTC ( 1 month, 3 weeks ago )
Antivirus Result Update
Acronis malware 20181224
Ad-Aware Trojan.Autoruns.GenericKDS.31377617 20181224
AhnLab-V3 Trojan/Win32.Emotet.R245745 20181224
ALYac Trojan.Autoruns.GenericKDS.31377617 20181224
Antiy-AVL Trojan[Banker]/Win32.Emotet 20181223
Arcabit Trojan.Autoruns.GenericS.D1DEC8D1 20181224
Avast Win32:Malware-gen 20181224
AVG Win32:Malware-gen 20181224
Avira (no cloud) HEUR/AGEN.1037186 20181224
BitDefender Trojan.Autoruns.GenericKDS.31377617 20181224
CAT-QuickHeal Trojan.IGENERIC 20181224
ClamAV Win.Trojan.Emotet-6748801-0 20181224
Comodo Malware@#13k23s1tk36cb 20181224
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20181022
Cybereason malicious.d90429 20180225
Cylance Unsafe 20181225
Cyren W32/Emotet.JL.gen!Eldorado 20181224
DrWeb Trojan.EmotetENT.303 20181224
Emsisoft Trojan.Emotet (A) 20181224
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of Win32/Kryptik.GNAS 20181225
F-Prot W32/Emotet.JL.gen!Eldorado 20181224
F-Secure Trojan.Autoruns.GenericKDS.31377617 20181224
Fortinet W32/Kryptik.GMOJ!tr 20181224
GData Trojan.Autoruns.GenericKDS.31377617 20181224
Ikarus Trojan-Banker.Emotet 20181224
Sophos ML heuristic 20181128
K7AntiVirus Trojan ( 0053b6a31 ) 20181224
K7GW Trojan ( 0053b6a31 ) 20181224
Kaspersky Trojan-Banker.Win32.Emotet.brex 20181224
Malwarebytes Trojan.Emotet 20181224
MAX malware (ai score=100) 20181225
McAfee Emotet-FKT!1062741D9042 20181225
McAfee-GW-Edition BehavesLike.Win32.Emotet.ch 20181225
Microsoft Trojan:Win32/Emotet.BT 20181225
eScan Trojan.Autoruns.GenericKDS.31377617 20181225
NANO-Antivirus Trojan.Win32.Emotet.fkorbt 20181225
Palo Alto Networks (Known Signatures) generic.ml 20181225
Panda Trj/RnkBend.A 20181224
Qihoo-360 Win32/Trojan.12d 20181225
Rising Trojan.GenKryptik!8.AA55 (CLOUD) 20181225
Sophos AV Mal/EncPk-ANY 20181225
SUPERAntiSpyware Trojan.Agent/Gen-Emotet 20181220
Symantec Trojan.Emotet 20181224
Tencent Win32.Trojan-banker.Emotet.Dvfu 20181225
Trapmine malicious.high.ml.score 20181205
TrendMicro TROJ_GEN.R03FC0DKN18 20181225
TrendMicro-HouseCall TrojanSpy.Win32.EMOTET.SMGG.hp 20181225
VBA32 BScope.TrojanBanker.Emotet 20181222
VIPRE Trojan.Win32.Generic!BT 20181225
Webroot W32.Trojan.Emotet 20181225
Yandex Trojan.PWS.Emotet! 20181223
Zillya Trojan.Emotet.Win32.7648 20181222
ZoneAlarm by Check Point Trojan-Banker.Win32.Emotet.brex 20181224
AegisLab 20181224
Alibaba 20180921
Avast-Mobile 20181224
AVware 20180925
Babable 20180918
Baidu 20181207
Bkav 20181224
CMC 20181224
eGambit 20181225
Jiangmin 20181224
Kingsoft 20181225
SentinelOne (Static ML) 20181223
Symantec Mobile Insight 20181215
TACHYON 20181224
TheHacker 20181220
TotalDefense 20181223
Trustlook 20181225
ViRobot 20181224
Zoner 20181224
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright © Microsoft
Product Sola Plug-in
Original name c_gb18030.
Internal name Loft Plug-in
File version 1, 5, 2, 50
Description Lynx 64 OPPD
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1994-12-21 05:03:18
Entry Point 0x0000178C
Number of sections 8
PE sections
PE imports
ImpersonateAnonymousToken
RegDisableReflectionKey
RegOverridePredefKey
ResizePalette
GetTextCharsetInfo
SelectClipRgn
PtVisible
OffsetRgn
GetProcessIoCounters
GetThreadPriority
GetSystemInfo
AllocConsole
GetSystemDefaultLCID
TerminateJobObject
IsProcessorFeaturePresent
GetConsoleProcessList
GetCommandLineA
SetConsoleOutputCP
AllocateUserPhysicalPagesNuma
RpcBindingInqAuthInfoExW
SHFormatDrive
MapDialogRect
GetLastInputInfo
AddClipboardFormatListener
EnableWindow
ChildWindowFromPoint
GetComboBoxInfo
TranslateMessage
GetSysColor
SetWindowPos
iswalpha
MkParseDisplayName
CoFreeLibrary
CoRevokeMallocSpy
Number of PE resources by type
RT_DIALOG 19
RT_STRING 10
RT_VERSION 1
Number of PE resources by language
ITALIAN NEUTRAL 3
SWEDISH NEUTRAL 3
CHINESE TRADITIONAL 3
SPANISH NEUTRAL 3
GERMAN NEUTRAL 3
CHINESE SIMPLIFIED 3
JAPANESE DEFAULT 3
FRENCH NEUTRAL 3
ENGLISH US 3
KOREAN 3
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

InitializedDataSize
0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.4.2.50

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
Lynx 64 OPPD

ImageFileCharacteristics
No relocs, Executable, 32-bit

CharacterSet
Windows, Latin1

LinkerVersion
14.0

EntryPoint
0x178c

OriginalFileName
c_gb18030.

MIMEType
application/x-java-applet;version=1.3.1|application/x-java-bean;version=1.3.1|application/x-java-applet;version=1.4|application/x-java-bean;version=1.4|application/x-java-applet;version=1.4.1|application/x-java-bean;version=1.4.1

LegalCopyright
Microsoft

FileExtents
|||||

FileOpenName
Lync Applet|JavaBeans|Lynx Applet|LunxMings|Ming Applet|SolaBeans

FileVersion
1, 5, 2, 50

TimeStamp
1994:12:21 06:03:18+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Loft Plug-in

ProductVersion
3, 4, 2, 50

SubsystemVersion
5.0

OSVersion
5.1

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
LyncSoft / Sun Microsystems, Inc.

CodeSize
12288

ProductName
Sola Plug-in

ProductVersionNumber
1.4.2.50

FileTypeExtension
exe

ObjectFileType
Dynamic link library

File identification
MD5 1062741d9042962de6759cc8c639eebc
SHA1 60b5b27003835e5b061087e1fcbab29f788527a0
SHA256 ded7aacb74f2fcd5b923a2e7fb1ae5d3c097e202cda7da4f1140faf5acba0b6f
ssdeep 3072:9djaGQdl7ESw6gP3JUQ1B/8bPFIkDVB7PkaBNKTxZYGQ:9dmGQXESTgP3KQ1B/8bPBbUnB
authentihash 5a4ea09b5a32e26f6ddf95fca0c0cc351ac144242ec16787722b3bf012f89a83
imphash ff79a052a126230a2fa548ffc1732406
File size 176.0 KB ( 180224 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable (generic) (42.7%)
OS/2 Executable (generic) (19.2%)
Generic Win/DOS Executable (18.9%)
DOS Executable Generic (18.9%)
Tags peexe
VirusTotal metadata
First submission 2018-11-21 18:04:01 UTC ( 3 months ago )
Last submission 2018-11-21 18:04:01 UTC ( 3 months ago )
File names Loft Plug-in
c_gb18030.
Lc1m1aw6.exe