× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: e856fe30116bf9ec623c7591a8be9c11513ebfcf9c9061f74f6433e2f451632b
File name: Fremontod.exe_
Detection ratio: 27 / 68
Analysis date: 2017-12-07 18:06:55 UTC ( 1 year, 3 months ago ) View latest
Antivirus Result Update
AegisLab Backdoor.W32.Generic!c 20171207
Avast Win32:Malware-gen 20171207
AVG Win32:Malware-gen 20171207
Avira (no cloud) TR/Dropper.MSIL.xzkhq 20171207
AVware Trojan.Win32.Generic!BT 20171207
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20171207
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20171016
Cybereason malicious.214cd7 20171103
Cylance Unsafe 20171207
eGambit Unsafe.AI_Score_99% 20171207
ESET-NOD32 a variant of MSIL/Kryptik.LRA 20171207
Fortinet W32/Kryptik.AT!tr.bdr 20171207
Sophos ML heuristic 20170914
K7AntiVirus Trojan ( 0051f6f51 ) 20171205
K7GW Trojan ( 0051f6f51 ) 20171207
Kaspersky HEUR:Backdoor.Win32.Generic 20171207
Malwarebytes Trojan.Redlonam 20171207
McAfee Artemis!57DC1364A657 20171207
McAfee-GW-Edition BehavesLike.Win32.Trojan.dc 20171207
Palo Alto Networks (Known Signatures) generic.ml 20171207
Qihoo-360 Win32/Backdoor.d55 20171207
SentinelOne (Static ML) static engine - malicious 20171207
Sophos AV Mal/Kryptik-AT 20171207
Symantec Infostealer.Limitail 20171207
TrendMicro-HouseCall TROJ_GEN.R002H0DL717 20171207
VIPRE Trojan.Win32.Generic!BT 20171207
ZoneAlarm by Check Point HEUR:Backdoor.Win32.Generic 20171207
Ad-Aware 20171207
AhnLab-V3 20171207
Alibaba 20171207
ALYac 20171207
Antiy-AVL 20171207
Arcabit 20171207
Avast-Mobile 20171207
BitDefender 20171207
Bkav 20171207
CAT-QuickHeal 20171206
ClamAV 20171207
CMC 20171207
Comodo 20171207
Cyren 20171207
DrWeb 20171207
Emsisoft 20171207
Endgame 20171130
F-Prot 20171207
F-Secure 20171203
GData 20171207
Ikarus 20171207
Jiangmin 20171207
Kingsoft 20171207
MAX 20171207
Microsoft 20171207
eScan 20171207
NANO-Antivirus 20171207
nProtect 20171207
Panda 20171207
Rising 20171207
SUPERAntiSpyware 20171207
Symantec Mobile Insight 20171207
Tencent 20171207
TheHacker 20171205
TotalDefense 20171207
TrendMicro 20171207
Trustlook 20171207
VBA32 20171207
ViRobot 20171207
Webroot 20171207
WhiteArmor 20171204
Yandex 20171207
Zillya 20171207
Zoner 20171207
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
3.6.2, © 2000-2013 Max Programming, S.L. All Righ

Product eMail Verifier
Original name eMailVerifier.exe
Internal name eMail Verifier
File version 3.6.2.0
Description eMail Verifier v3.6.2
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-12-06 06:55:51
Entry Point 0x0009B757
Number of sections 3
.NET details
Module Version ID 92ba80df-c239-46c1-9ddb-60a6489ff4d5
PE sections
Overlays
MD5 e9a77e78b6276d1b785fd769acb15836
File type data
Offset 1001984
Size 2096
Entropy 7.91
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 6
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 7
ENGLISH US 1
PE resources
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
8.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
3.6.2.0

LanguageCode
English (U.S.)

FileFlagsMask
0x0017

FileDescription
eMail Verifier v3.6.2

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
372736

EntryPoint
0x9b757

OriginalFileName
eMailVerifier.exe

MIMEType
application/octet-stream

LegalCopyright
3.6.2, 2000-2013 Max Programming, S.L. All Righ

FileVersion
3.6.2.0

TimeStamp
2017:12:06 07:55:51+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
eMail Verifier

ProductVersion
3.6.2

SubsystemVersion
4.0

Release
Final

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Max Programming, LLC

CodeSize
628736

ProductName
eMail Verifier

ProductVersionNumber
3.6.2.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 57dc1364a65766445c1c555f5695b0ee
SHA1 9dd8cfd214cd7f646055bd0d7f3166fd7de04da4
SHA256 e856fe30116bf9ec623c7591a8be9c11513ebfcf9c9061f74f6433e2f451632b
ssdeep
24576:IN/BiRuPU7CuA/BDPPSZbE1tG59WDj4a+lLmzG:IxBiRygCj56ZbE7G5U/4aW6G

authentihash 7071cc42f76575687631352f3a6256fdd3169e76237b97dde5fd0e2367c29f2d
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 980.5 KB ( 1004080 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (62.0%)
Win64 Executable (generic) (23.4%)
Win32 Dynamic Link Library (generic) (5.5%)
Win32 Executable (generic) (3.8%)
OS/2 Executable (generic) (1.7%)
Tags
peexe assembly overlay

VirusTotal metadata
First submission 2017-12-07 08:18:52 UTC ( 1 year, 3 months ago )
Last submission 2019-03-06 04:02:46 UTC ( 2 weeks, 1 day ago )
File names de049551-dca6-11e7-9c0d-80e65024849a.file
de049551-dca6-11e7-9c0d-80e65024849a.file
32e0e614-df56-11e7-b70d-80e65024849a.file
de049551-dca6-11e7-9c0d-80e65024849a.file
output.112570984.txt
Fremontod.exe
name(05).gxe
eMailVerifier.exe
eMail Verifier
32e0e614-df56-11e7-b70d-80e65024849a.exe
32e0e614-df56-11e7-b70d-80e65024849a.file
57DC1364A65766445C1C555F5695B0EE.exe
de049551-dca6-11e7-9c0d-80e65024849a.file
Fremontod.exe_
57dc1364a65766445c1c555f5695b0ee.exe
32e0e614-df56-11e7-b70d-80e65024849a.file
32e0e614-df56-11e7-b70d-80e65024849a.file
test (49).exe
VirusShare_57dc1364a65766445c1c555f5695b0ee
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!