× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: e0a58678843794307e12fd9bb0ce83c4aaa37786ae2856b9153ecebad1428300
File name: e0a58678843794307e12fd9bb0ce83c4aaa37786ae2856b9153ecebad1428300
Detection ratio: 14 / 68
Analysis date: 2018-07-15 01:30:07 UTC ( 7 months, 1 week ago ) View latest
Antivirus Result Update
Avast FileRepMalware 20180714
AVG FileRepMalware 20180714
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20180712
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180530
Cylance Unsafe 20180715
Endgame malicious (high confidence) 20180711
ESET-NOD32 a variant of Win32/Kryptik.GIUR 20180715
Sophos ML heuristic 20180601
Microsoft Trojan:Win32/Emotet.AC!bit 20180714
Palo Alto Networks (Known Signatures) generic.ml 20180715
Qihoo-360 HEUR/QVM20.1.8199.Malware.Gen 20180715
SentinelOne (Static ML) static engine - malicious 20180701
Symantec Packed.Generic.517 20180714
Webroot W32.Trojan.Emotet 20180715
Ad-Aware 20180715
AegisLab 20180715
AhnLab-V3 20180714
Alibaba 20180713
ALYac 20180714
Antiy-AVL 20180715
Arcabit 20180714
Avast-Mobile 20180714
Avira (no cloud) 20180714
AVware 20180714
Babable 20180406
BitDefender 20180715
Bkav 20180713
CAT-QuickHeal 20180714
ClamAV 20180714
CMC 20180714
Comodo 20180714
Cybereason 20180225
Cyren 20180714
DrWeb 20180714
eGambit 20180715
Emsisoft 20180714
F-Prot 20180715
F-Secure 20180714
Fortinet 20180714
GData 20180715
Ikarus 20180714
Jiangmin 20180714
K7AntiVirus 20180714
K7GW 20180715
Kaspersky 20180715
Kingsoft 20180715
Malwarebytes 20180714
MAX 20180715
McAfee 20180715
McAfee-GW-Edition 20180715
eScan 20180715
NANO-Antivirus 20180715
Panda 20180714
Rising 20180714
Sophos AV 20180714
SUPERAntiSpyware 20180714
TACHYON 20180714
Tencent 20180715
TheHacker 20180712
TotalDefense 20180714
TrendMicro 20180714
TrendMicro-HouseCall 20180714
Trustlook 20180715
VBA32 20180713
VIPRE 20180715
ViRobot 20180714
Yandex 20180713
Zillya 20180713
ZoneAlarm by Check Point 20180714
Zoner 20180714
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
© Microsoft Corporation. All rights reserv

Product Microsoft® Windows® Operating S
Original name wfw.fwf
Internal name вввы (03.2)
Description Windows Cryptographic
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-02-23 03:20:06
Entry Point 0x00001824
Number of sections 6
PE sections
PE imports
SetBitmapBits
lstrlenA
FlsFree
SystemTimeToTzSpecificLocalTime
DdeDisconnectList
ShowCursor
GetClipboardOwner
CryptCATCDFEnumMembers
UninstallColorProfileW
isleadbyte
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
12.1

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
36.1.2223.432

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
Windows Cryptographic

ImageFileCharacteristics
No relocs, Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
10240

EntryPoint
0x1824

OriginalFileName
PrintIsolationHost.exe

MIMEType
application/octet-stream

LegalCopyright
Microsoft Corporation. All rights reserv

TimeStamp
2017:02:22 19:20:06-08:00

FileType
Win32 EXE

PEType
PE32

InternalName
(03.2)

ProductVersion
6.1.7600.16385

SubsystemVersion
5.0

OSVersion
5.1

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Ddfdgf dgdsger

CodeSize
101376

ProductName
Microsoft Windows Operating S

ProductVersionNumber
16.1.4235.11

FileTypeExtension
exe

ObjectFileType
Dynamic link library

Compressed bundles
File identification
MD5 ee21da239f06386dbc2ed7f2735c4d14
SHA1 d4685a68c62e534f94b1e4265c961809d127282b
SHA256 e0a58678843794307e12fd9bb0ce83c4aaa37786ae2856b9153ecebad1428300
ssdeep
1536:C2tarUHHQ6sr2CteF7ZyXGgcYmRAYKlPGKVDjKxCzGW6SJSHqDjDGRWi7C0ey:xQrUn82CIFVYNmRrgVWAOyjZi7b

authentihash 64b8c74d453d9961acd36671d7c4b3e90d48b907060b5e109dec98c554f72925
imphash 1c4b595af3decb2923dbf303adcfd04c
File size 106.0 KB ( 108544 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID OS/2 Executable (generic) (33.6%)
Generic Win/DOS Executable (33.1%)
DOS Executable Generic (33.1%)
Tags
peexe

VirusTotal metadata
First submission 2018-07-15 01:27:54 UTC ( 7 months, 1 week ago )
Last submission 2018-07-21 06:35:38 UTC ( 7 months ago )
File names fySjVMkJB.exe
wfw.fwf
вввы (03.2)
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!