SHA256: e7e8f71311d434585a27ef77f73ebe51b7d9d5bdbdcedde5ae7588e32bd35251
File name: e7e8f71311d434585a27ef77f73ebe51b7d9d5bdbdcedde5ae7588e32bd35251
Detection ratio: 14 / 70
Analysis date: 2018-12-19 20:04:27 UTC ( 1 month, 4 weeks ago )
Antivirus Result Update
Acronis malware 20180726
Bkav HW32.Packed. 20181219
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20181022
Cybereason malicious.5687c0 20180225
Cylance Unsafe 20181219
eGambit Unsafe.AI_Score_99% 20181219
Endgame malicious (high confidence) 20181108
Sophos ML heuristic 20181128
McAfee-GW-Edition BehavesLike.Win32.Emotet.cc 20181219
Qihoo-360 HEUR/QVM20.1.F9F5.Malware.Gen 20181219
Rising Malware.Heuristic!ET#98% (RDM+:cmRtazp4JfjXtOtg0Lh5CczMa1Do) 20181219
SentinelOne (Static ML) static engine - malicious 20181011
Symantec ML.Attribute.HighConfidence 20181219
Trapmine malicious.high.ml.score 20181205
Ad-Aware 20181219
AegisLab 20181219
AhnLab-V3 20181219
Alibaba 20180921
ALYac 20181219
Antiy-AVL 20181219
Arcabit 20181219
Avast 20181219
Avast-Mobile 20181219
AVG 20181219
Avira (no cloud) 20181219
Babable 20180918
Baidu 20181207
BitDefender 20181219
CAT-QuickHeal 20181219
ClamAV 20181219
CMC 20181219
Comodo 20181219
Cyren 20181219
DrWeb 20181219
Emsisoft 20181219
ESET-NOD32 20181219
F-Prot 20181219
F-Secure 20181219
Fortinet 20181219
GData 20181219
Ikarus 20181219
Jiangmin 20181219
K7AntiVirus 20181219
K7GW 20181219
Kaspersky 20181219
Kingsoft 20181219
Malwarebytes 20181219
MAX 20181219
McAfee 20181219
Microsoft 20181219
eScan 20181219
NANO-Antivirus 20181219
Palo Alto Networks (Known Signatures) 20181219
Panda 20181219
Sophos AV 20181219
SUPERAntiSpyware 20181212
Symantec Mobile Insight 20181215
TACHYON 20181219
Tencent 20181219
TheHacker 20181216
TotalDefense 20181219
TrendMicro 20181219
TrendMicro-HouseCall 20181219
Trustlook 20181219
VBA32 20181219
ViRobot 20181219
Webroot 20181219
Yandex 20181219
Zillya 20181219
ZoneAlarm by Check Point 20181219
Zoner 20181219
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright © Microsoft
Product Microsoft®
Original name kbdth3.dll
Internal name TCPSVCS.EXE
Description TCP/IP Services Application
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2002-07-18 02:23:20
Entry Point 0x00002CF0
Number of sections 9
PE sections
PE imports
RemoveUsersFromEncryptedFile
GetSecurityDescriptorRMControl
OffsetClipRgn
GetEnvironmentStrings
GetNamedPipeServerProcessId
GetThreadLocale
GetThreadTimes
GlobalMemoryStatusEx
GetBinaryTypeA
GetCurrentThread
Ord(29)
SendMessageA
GetLastInputInfo
DlgDirListW
CopyIcon
GetMenuContextHelpId
GetKeyState
g_rgSCardT1Pci
memmove
OleFlushClipboard
Number of PE resources by type
RT_BITMAP 1
RT_VERSION 1
Number of PE resources by language
JAPANESE DEFAULT 2
PE resources
Debug information
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2002:07:18 03:23:20+01:00
FileType Win32 EXE
PEType PE32
CodeSize 135168
LinkerVersion 2.0
ImageFileCharacteristics Executable, 32-bit
EntryPoint 0x2cf0
InitializedDataSize 0
SubsystemVersion 6.0
ImageVersion 5.1
OSVersion 6.0
UninitializedDataSize 0

File identification
MD5 2cd1f965687c0daefd4982d94c58adfa
SHA1 6f900507f800b38d404c5b961af2f17685a81dd5
SHA256 e7e8f71311d434585a27ef77f73ebe51b7d9d5bdbdcedde5ae7588e32bd35251
ssdeep 3072:U0hyqeFGtPtfIA4koW9Ol94tFKGINwinfRBlg:HcEVtQYW9YKnwgRBl
authentihash b7c29c3be9d726a33cc12435063f62a608fe3a753d9a7da62fa0e67c21d23807
imphash bf33da4de7149b1a902347b653ac6bd2
File size 124.0 KB ( 126976 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags peexe
VirusTotal metadata
First submission 2018-12-19 20:04:27 UTC ( 1 month, 4 weeks ago )
Last submission 2018-12-19 20:04:27 UTC ( 1 month, 4 weeks ago )
File names kbdth3.dll
TCPSVCS.EXE
Hn6RSeLNf8Od.exe