× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: e1466314632026c4dc0f950709f91abc07738aa614d20add817da1e84e8f3330
File name: accountquota.exe
Detection ratio: 36 / 67
Analysis date: 2018-06-18 04:57:07 UTC ( 8 months ago ) View latest
Antivirus Result Update
Ad-Aware Trojan.GenericKD.30983571 20180618
AegisLab Uds.Dangerousobject.Multi!c 20180618
Arcabit Trojan.Generic.D1D8C5DA 20180618
Avast Win32:Malware-gen 20180618
AVG Win32:Malware-gen 20180618
BitDefender Trojan.GenericKD.30983571 20180618
Bkav W32.eHeur.Malware12 20180616
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20180530
Cybereason malicious.36f382 20180225
Cylance Unsafe 20180618
Cyren W32/Emotet.CK.gen!Eldorado 20180618
DrWeb Trojan.EmotetENT.242 20180618
Emsisoft Trojan.GenericKD.30983571 (B) 20180618
Endgame malicious (high confidence) 20180612
ESET-NOD32 a variant of Win32/GenKryptik.CCWF 20180618
F-Prot W32/Emotet.CK.gen!Eldorado 20180618
F-Secure Trojan.GenericKD.30983642 20180618
Fortinet W32/Kryptik.GHPK!tr 20180618
GData Trojan.GenericKD.30983571 20180618
Sophos ML heuristic 20180601
Kaspersky Trojan-Banker.Win32.Emotet.asqg 20180618
Malwarebytes Trojan.Emotet 20180618
MAX malware (ai score=98) 20180618
McAfee GenericRXFV-FF!B67CEB19E3B5 20180618
McAfee-GW-Edition BehavesLike.Win32.Trojan.ch 20180618
eScan Trojan.GenericKD.30983571 20180618
Palo Alto Networks (Known Signatures) generic.ml 20180618
Qihoo-360 Win32/Trojan.Multi.c78 20180618
SentinelOne (Static ML) static engine - malicious 20180617
Sophos AV Mal/Generic-S 20180618
Symantec ML.Attribute.HighConfidence 20180617
Tencent Win32.Trojan-banker.Emotet.Pfjg 20180618
TrendMicro TROJ_FRS.VSN11F18 20180618
TrendMicro-HouseCall TROJ_FRS.VSN11F18 20180618
Webroot W32.Trojan.Emotet 20180618
ZoneAlarm by Check Point Trojan-Banker.Win32.Emotet.asqg 20180618
AhnLab-V3 20180617
Alibaba 20180615
ALYac 20180618
Antiy-AVL 20180618
Avast-Mobile 20180617
Avira (no cloud) 20180617
AVware 20180618
Baidu 20180615
CAT-QuickHeal 20180618
ClamAV 20180617
CMC 20180617
Comodo 20180618
eGambit 20180618
Ikarus 20180617
Jiangmin 20180618
K7AntiVirus 20180618
K7GW 20180618
Kingsoft 20180618
Microsoft 20180618
NANO-Antivirus 20180618
Panda 20180617
Rising 20180618
SUPERAntiSpyware 20180617
Symantec Mobile Insight 20180614
TACHYON 20180618
TheHacker 20180613
TotalDefense 20180617
Trustlook 20180618
VBA32 20180615
VIPRE 20180618
ViRobot 20180617
Yandex 20180615
Zillya 20180615
Zoner 20180617
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-06-17 17:53:43
Entry Point 0x0000144D
Number of sections 5
PE sections
PE imports
ImpersonateNamedPipeClient
EncryptionDisable
GetNumberOfEventLogRecords
SetWindowOrgEx
SetMapMode
SetCurrentDirectoryW
LocalLock
GetNumaAvailableMemoryNode
GetFileSize
GetSystemDefaultLocaleName
OpenProcess
GetThreadPriority
ChangeTimerQueueTimer
CloseHandle
GetSystemTimeAsFileTime
lstrcmpW
IsNLSDefinedString
FatalAppExitA
RpcBindingCopy
PathGetDriveNumberW
InflateRect
GetDoubleClickTime
IsWindowVisible
GetClipboardData
TranslateMDISysAccel
SCardGetStatusChangeW
Number of PE resources by type
RT_BITMAP 2
RT_STRING 2
Number of PE resources by language
NEUTRAL 4
PE resources
Debug information
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2014:06:17 10:53:43-07:00

FileType
Win32 EXE

PEType
PE32

CodeSize
24576

LinkerVersion
12.0

ImageFileCharacteristics
Executable, 32-bit

EntryPoint
0x144d

InitializedDataSize
0

SubsystemVersion
5.0

ImageVersion
0.0

OSVersion
5.1

UninitializedDataSize
53248

File identification
MD5 b67ceb19e3b51d64f1a1ae93b7a92e4f
SHA1 3c53b7a36f3820ff52156b890ed0493ffe02246c
SHA256 e1466314632026c4dc0f950709f91abc07738aa614d20add817da1e84e8f3330
ssdeep
1536:btnPLZXZ+l0S5dB9kKAwtfW/eedhsvnJuKO4eqCBxrYdxliE/OwXcN0tVZN9uPD+:ZzsZBsfbMJgp16tVYPD5jmrULpfM

authentihash 1cb2d5700d3320cbdea15aa667b913164223539ea930b2637324e8d4bd0f6925
imphash 4fb630f2519f77d90e75ff616554c8a6
File size 124.0 KB ( 126976 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe

VirusTotal metadata
First submission 2018-06-17 13:06:23 UTC ( 8 months ago )
Last submission 2018-10-01 10:44:43 UTC ( 4 months, 2 weeks ago )
File names 1379.bin
crashmarkers.exe
1379.exe
19758.exe
accountquota.exe
b67ceb19e3b51d64f1a1ae93b7a92e4f
output.113470772.txt
739685.exe
71603 (1).exe
99f96d554c37f2842af4f38374857daecfd7cb60
71603.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!