SHA256: e1ddf0f1ae608d04ca9ffc25d611bb084bf2aee3422241c30b8ef438adb84a5c
File name: huTsEBTpCqYR.exe
Detection ratio: 18 / 70
Analysis date: 2019-02-05 02:24:32 UTC ( 1 month, 2 weeks ago )
Antivirus Result Update
Acronis suspicious 20190130
Avast FileRepMalware 20190205
AVG FileRepMalware 20190205
Bkav HW32.Packed. 20190201
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20181023
Cybereason malicious.2934e8 20190109
Cylance Unsafe 20190205
Endgame malicious (high confidence) 20181108
Sophos ML heuristic 20181128
McAfee-GW-Edition BehavesLike.Win32.Generic.cc 20190204
Microsoft Trojan:Win32/Emotet 20190205
Qihoo-360 HEUR/QVM20.1.03D9.Malware.Gen 20190205
Rising Trojan.Emotet!8.B95 (TFE:dGZlOgKfGcS3pkbuFg) 20190205
SentinelOne (Static ML) static engine - malicious 20190203
Sophos AV Mal/EncPk-ANX 20190204
Symantec ML.Attribute.HighConfidence 20190204
Trapmine suspicious.low.ml.score 20190123
Webroot W32.Trojan.Emotet 20190205
Ad-Aware 20190204
AegisLab 20190205
AhnLab-V3 20190204
Alibaba 20180921
ALYac 20190204
Antiy-AVL 20190205
Arcabit 20190205
Avast-Mobile 20190204
Avira (no cloud) 20190205
Babable 20180918
Baidu 20190202
BitDefender 20190205
CAT-QuickHeal 20190204
ClamAV 20190204
CMC 20190204
Comodo 20190205
Cyren 20190205
DrWeb 20190204
eGambit 20190205
Emsisoft 20190204
ESET-NOD32 20190204
F-Prot 20190205
F-Secure 20190205
Fortinet 20190204
GData 20190204
Ikarus 20190204
Jiangmin 20190204
K7AntiVirus 20190204
K7GW 20190204
Kaspersky 20190205
Kingsoft 20190205
Malwarebytes 20190204
MAX 20190205
McAfee 20190205
eScan 20190205
NANO-Antivirus 20190205
Palo Alto Networks (Known Signatures) 20190205
Panda 20190204
SUPERAntiSpyware 20190130
TACHYON 20190205
Tencent 20190205
TheHacker 20190203
TotalDefense 20190204
TrendMicro 20190205
TrendMicro-HouseCall 20190205
Trustlook 20190205
VBA32 20190204
ViRobot 20190205
Yandex 20190204
Zillya 20190204
ZoneAlarm by Check Point 20190205
Zoner 20190204
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright © Microsoft Corporation. All rights reserved.
Product Microsoft® Windows® Operating System
Original name kbdic.dll
Internal name kbdic (3.11)
File version 5.1.2600.0 (xpclient.010817-1148)
Description Icelandic Keyboard Layout
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2019-02-05 10:20:06
Entry Point 0x00002ED0
Number of sections 5
PE sections
PE imports
GetLengthSid
SetEntriesInAclW
RevertToSelf
IsTokenRestricted
CryptGetProvParam
CM_Query_Resource_Conflict_List
CM_Get_First_Log_Conf
JetDelete
EndPath
DeleteMetaFile
AddFontResourceW
GetCommandLineW
LocalFree
FileTimeToDosDateTime
CreateActCtxW
GetModuleHandleA
UnhandledExceptionFilter
WaitForSingleObject
SetFileApisToOEM
FindResourceExW
IsDebuggerPresent
EnumResourceNamesA
CloseHandle
GetConsoleScreenBufferInfoEx
CreateWaitableTimerA
GetCurrentThreadId
GetCommConfig
GetThreadLocale
DispGetParam
I_RpcServerRegisterForwardFunction
RpcBindingFromStringBindingW
UuidIsNil
I_RpcSessionStrictContextHandle
NdrAllocate
SHGetFolderLocation
PathIsUNCW
StrDupA
PathIsRootW
VerifySignature
NotifyWinEvent
GetForegroundWindow
GetMenuInfo
InsertMenuItemW
LoadMenuA
VkKeyScanA
GetMenuState
ToUnicode
PackDDElParam
GetUpdateRect
CreatePopupMenu
LockSetForegroundWindow
SetClipboardViewer
mixerSetControlDetails
IIDFromString
OleGetAutoConvert
HGLOBAL_UserSize
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
6.1

InitializedDataSize
0

ImageVersion
6.0

ProductName
Microsoft Windows Operating System

FileVersionNumber
5.1.2600.0

UninitializedDataSize
102400

LanguageCode
Neutral

FileFlagsMask
0x003f

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

LinkerVersion
13.0

FileTypeExtension
exe

OriginalFileName
kbdic.dll

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
5.1.2600.0 (xpclient.010817-1148)

TimeStamp
2019:02:05 11:20:06+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
kbdic (3.11)

ProductVersion
5.1.2600.0

FileDescription
Icelandic Keyboard Layout

OSVersion
6.0

FileOS
Windows NT 32-bit

LegalCopyright
Microsoft Corporation. All rights reserved.

MachineType
Intel 386 or later, and compatibles

CompanyName
Microsoft Corporation

CodeSize
16384

FileSubtype
2

ProductVersionNumber
5.1.2600.0

EntryPoint
0x2ed0

ObjectFileType
Dynamic link library

File identification
MD5 b4abc5cfb6d014efde33a115b04184a7
SHA1 807bb6c2934e882612c8dde6255770876646eb2e
SHA256 e1ddf0f1ae608d04ca9ffc25d611bb084bf2aee3422241c30b8ef438adb84a5c
ssdeep 3072:/fnkjhsOXthouepEdVo3FZfJiC5ARcEEBLU7Yb2iXih:/fkjhNMEdVK4C53Edlv
authentihash b3d7590f70069c1636b827fbd3d4e279272dea2d5f1a55e32d60dfb785b93fb5
imphash 19454e8959c9d3b431eb69d67838b372
File size 144.0 KB ( 147456 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags peexe
VirusTotal metadata
First submission 2019-02-05 02:24:32 UTC ( 1 month, 2 weeks ago )
Last submission 2019-02-14 09:54:20 UTC ( 1 month, 1 week ago )
File names 4gKNto11_6rXIC.exe
OmeMvcVsIN_67TKaD.exe
kbdic (3.11)
9BnV.exe
kbdic.dll
huTsEBTpCqYR.exe
emotet_e2_e1ddf0f1ae608d04ca9ffc25d611bb084bf2aee3422241c30b8ef438adb84a5c_2019-02-05__023002.exe_
21817440.EXE
Advanced heuristic and reputation engines