× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: e05d1aa3918bf75846b9e26fe4c3b76d9232fea1b7dc7ebcbbcb1ea1334819c3
File name: ZyPEUeSdXzcCWf8Pc.exe
Detection ratio: 28 / 66
Analysis date: 2018-07-27 22:54:35 UTC ( 6 months, 4 weeks ago ) View latest
Antivirus Result Update
AegisLab Packer.Generic!c 20180727
Avast FileRepMalware 20180727
AVG FileRepMalware 20180727
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9730 20180726
Bkav HW32.Packed.A53B 20180727
CAT-QuickHeal Trojan.Emotet.X4 20180725
Comodo .UnclassifiedMalware 20180727
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20180723
Cybereason malicious.7b1cda 20180225
Cylance Unsafe 20180727
Endgame malicious (high confidence) 20180711
ESET-NOD32 a variant of Win32/GenKryptik.CGLW 20180727
Fortinet W32/GenKryptik.CFNI!tr 20180727
Sophos ML heuristic 20180717
Kaspersky UDS:DangerousObject.Multi.Generic 20180727
Malwarebytes Spyware.Emotet 20180727
McAfee RDN/Generic.RP 20180727
McAfee-GW-Edition BehavesLike.Win32.Ransomware.cc 20180727
Microsoft Trojan:Win32/Emotet.AC!bit 20180727
Palo Alto Networks (Known Signatures) generic.ml 20180727
Qihoo-360 HEUR/QVM20.1.C981.Malware.Gen 20180727
Rising Trojan.Fuerboos!8.EFC8 (CLOUD) 20180727
SentinelOne (Static ML) static engine - malicious 20180701
Symantec Packed.Generic.517 20180727
TrendMicro TROJ_FRS.VSN1BG18 20180727
TrendMicro-HouseCall TROJ_FRS.VSN1BG18 20180727
Webroot W32.Trojan.Emotet 20180727
ZoneAlarm by Check Point UDS:DangerousObject.Multi.Generic 20180727
Ad-Aware 20180727
AhnLab-V3 20180727
Alibaba 20180713
ALYac 20180727
Antiy-AVL 20180727
Arcabit 20180727
Avast-Mobile 20180727
Avira (no cloud) 20180727
AVware 20180727
Babable 20180725
BitDefender 20180727
ClamAV 20180727
CMC 20180727
Cyren 20180727
DrWeb 20180727
eGambit 20180727
Emsisoft 20180727
F-Prot 20180727
F-Secure 20180727
GData 20180727
Ikarus 20180727
Jiangmin 20180727
K7AntiVirus 20180727
K7GW 20180727
Kingsoft 20180727
MAX 20180727
eScan 20180727
NANO-Antivirus 20180727
Panda 20180727
Sophos AV 20180727
SUPERAntiSpyware 20180727
TACHYON 20180727
Tencent 20180727
TheHacker 20180727
Trustlook 20180727
VBA32 20180727
VIPRE 20180727
ViRobot 20180727
Yandex 20180725
Zoner 20180727
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2004-01-07 05:45:57
Entry Point 0x00001362
Number of sections 4
PE sections
PE imports
GetUserDefaultUILanguage
GetThreadPriority
GetConsoleMode
GetNamedPipeServerSessionId
GetNumberOfConsoleInputEvents
GetCommandLineA
GetScrollRange
WindowFromPhysicalPoint
IsGUIThread
GetWindow
GetWindowInfo
SetScrollPos
SCardFreeMemory
OleDestroyMenuDescriptor
Number of PE resources by type
RT_STRING 23
Number of PE resources by language
NEUTRAL 15
ENGLISH NEUTRAL 5
TURKISH DEFAULT 3
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2004:01:07 06:45:57+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
12288

LinkerVersion
12.0

ImageFileCharacteristics
No relocs, Executable, 32-bit

EntryPoint
0x1362

InitializedDataSize
131072

SubsystemVersion
4.0

ImageVersion
0.0

OSVersion
6.0

UninitializedDataSize
0

Execution parents
File identification
MD5 38dd6caa50edf377182f46e067f98a4e
SHA1 fef36667b1cda03430b7a33ad7787fd2eef1664f
SHA256 e05d1aa3918bf75846b9e26fe4c3b76d9232fea1b7dc7ebcbbcb1ea1334819c3
ssdeep
3072:glwd+EaoXJjr0Z18SjlRFzN6uxNL+rU+bBJ808FhHr0w:aEaohI64lDBX0rU+H808bHr

authentihash 2b669d6df42ad14590a9ab84857c1b9205518cef95ec0fe92407c41c9c42a3af
imphash 6be678868fd2d96db50607c64dade629
File size 140.0 KB ( 143360 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (34.2%)
Win32 Executable (generic) (23.4%)
Win16/32 Executable Delphi generic (10.7%)
OS/2 Executable (generic) (10.5%)
Generic Win/DOS Executable (10.4%)
Tags
peexe

VirusTotal metadata
First submission 2018-07-27 17:23:12 UTC ( 6 months, 4 weeks ago )
Last submission 2018-07-28 05:49:25 UTC ( 6 months, 4 weeks ago )
File names ZyPEUeSdXzcCWf8Pc.exe
4621.exe
93853.exe
448.exe
stylestrace.exe
55516.exe
9224793.exe
stylesapply.exe
4.exe
stylestrace.exe
refvoice.exe
782.exe
refvoice.exe
stylesapply.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!