× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: e67f3f3b4a1dba1b2b115130e9c50fc0e627dd247eea917838b5bf86b85570c4
File name: 5357D1C.exe
Detection ratio: 20 / 67
Analysis date: 2018-06-20 18:32:55 UTC ( 8 months ago ) View latest
Antivirus Result Update
Avast FileRepMalware 20180620
AVG FileRepMalware 20180620
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9992 20180620
Comodo Heur.Packed.Unknown 20180620
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180530
Cybereason malicious.2f139e 20180225
Cylance Unsafe 20180620
Endgame malicious (high confidence) 20180612
ESET-NOD32 a variant of Win32/Kryptik.GHZP 20180620
Fortinet W32/Kryptik.GHTB!tr 20180620
Sophos ML heuristic 20180601
McAfee-GW-Edition BehavesLike.Win32.Ramnit.ch 20180620
Palo Alto Networks (Known Signatures) generic.ml 20180620
Qihoo-360 HEUR/QVM19.1.F961.Malware.Gen 20180620
SentinelOne (Static ML) static engine - malicious 20180618
Sophos AV Mal/EncPk-ANR 20180620
Symantec ML.Attribute.HighConfidence 20180620
TotalDefense Win32/FakeMS.WOCR 20180620
VBA32 BScope.Trojan.Dovs 20180620
Webroot W32.Trojan.Emotet 20180620
Ad-Aware 20180620
AegisLab 20180620
AhnLab-V3 20180620
Alibaba 20180620
ALYac 20180620
Antiy-AVL 20180620
Arcabit 20180620
Avast-Mobile 20180620
AVware 20180620
Babable 20180406
BitDefender 20180620
Bkav 20180620
CAT-QuickHeal 20180620
ClamAV 20180620
CMC 20180620
Cyren 20180620
DrWeb 20180620
eGambit 20180620
Emsisoft 20180620
F-Prot 20180620
F-Secure 20180620
GData 20180620
Ikarus 20180620
Jiangmin 20180620
K7AntiVirus 20180620
K7GW 20180620
Kaspersky 20180620
Kingsoft 20180620
Malwarebytes 20180620
MAX 20180620
McAfee 20180620
Microsoft 20180620
eScan 20180620
NANO-Antivirus 20180620
Panda 20180620
Rising 20180620
SUPERAntiSpyware 20180620
Symantec Mobile Insight 20180619
TACHYON 20180620
Tencent 20180620
TheHacker 20180619
TrendMicro 20180620
TrendMicro-HouseCall 20180620
Trustlook 20180620
VIPRE 20180620
ViRobot 20180620
Yandex 20180620
Zillya 20180620
ZoneAlarm by Check Point 20180620
Zoner 20180620
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Product Mic
File version 6.1.7601
Description TLS / SSL Secur
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2035-07-30 21:36:11
Entry Point 0x00001F44
Number of sections 6
PE sections
PE imports
RegDeleteValueA
ImageList_GetImageInfo
CreateDiscardableBitmap
GetComputerNameExA
GetCurrentProcess
WaitNamedPipeA
lstrlenA
lstrcatA
GetWindowsDirectoryA
SetConsoleTextAttribute
ReadProcessMemory
GetModuleFileNameA
GetModuleHandleW
GetBinaryTypeA
LZInit
ICOpenFunction
VarBstrFromCy
VarCyMul
VarCyCmp
I_RpcSend
NdrInterfacePointerBufferSize
RpcNetworkIsProtseqValidW
SetupDiGetDeviceInterfaceDetailA
SHQueryInfoKeyW
PathIsNetworkPathW
PathUnmakeSystemFolderW
GetQueueStatus
IsRectEmpty
VkKeyScanA
TranslateMessage
SCardLocateCardsW
CoIsOle1Class
ReleaseBindInfo
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 2
PE resources
Debug information
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2035:07:30 23:36:11+02:00

FileType
Win32 EXE

PEType
PE32

CodeSize
12288

LinkerVersion
12.0

ImageFileCharacteristics
No relocs, Executable, 32-bit, System file

EntryPoint
0x1f44

InitializedDataSize
126976

SubsystemVersion
5.0

ImageVersion
0.0

OSVersion
5.1

UninitializedDataSize
0

Compressed bundles
File identification
MD5 787057c087778205b823cac87a7657a2
SHA1 604576c2f139ee94d72d7cbc66d0bc399bcec73f
SHA256 e67f3f3b4a1dba1b2b115130e9c50fc0e627dd247eea917838b5bf86b85570c4
ssdeep
1536:4FghUoIs+NXRl5y+to5/q+btf0xqyWoFFdEho4Wt6:+ghUoeNtyb5/q+btf0LFFS386

authentihash d3d2f39aadcefa695b20b1925216cab2466f43d34a2729a098f7feb58fb7009c
imphash e0445e3a6096e454e38800cbdc1ce69c
File size 136.0 KB ( 139264 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit system file

TrID OS/2 Executable (generic) (33.6%)
Generic Win/DOS Executable (33.1%)
DOS Executable Generic (33.1%)
Tags
peexe

VirusTotal metadata
First submission 2018-06-20 18:32:55 UTC ( 8 months ago )
Last submission 2018-06-21 20:19:14 UTC ( 8 months ago )
File names 8525.exe
5357D1C.exe
26a67346252c3ccc035f346d5bea2849cd604304
53508.exe
69355.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!