SHA256: e94caa8cdf3f794d97a18f59742dcb3a546232dbed13c2ca919827cdf6c33235
File name: e94caa8cdf3f794d97a18f59742dcb3a546232dbed13c2ca919827cdf6c33235
Detection ratio: 23 / 68
Analysis date: 2018-09-06 00:08:00 UTC ( 5 months, 2 weeks ago )
Antivirus Result Update
Avast FileRepMalware 20180905
AVG FileRepMalware 20180905
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9997 20180905
CAT-QuickHeal Trojan.Emotet.X4 20180905
CrowdStrike Falcon (ML) malicious_confidence_90% (D) 20180723
Cylance Unsafe 20180906
Emsisoft Trojan.Emotet (A) 20180905
Endgame malicious (high confidence) 20180730
ESET-NOD32 a variant of Win32/GenKryptik.CKFY 20180905
Ikarus Trojan-Banker.Emotet 20180905
Sophos ML heuristic 20180717
Kaspersky UDS:DangerousObject.Multi.Generic 20180906
Malwarebytes Trojan.Emotet 20180905
McAfee Emotet-FIG!D3FDB4F4F094 20180906
McAfee-GW-Edition BehavesLike.Win32.Emotet.gm 20180905
Microsoft Trojan:Win32/Emotet.AC!bit 20180905
Palo Alto Networks (Known Signatures) generic.ml 20180906
Qihoo-360 HEUR/QVM20.1.ABB7.Malware.Gen 20180906
Rising Trojan.Emotet!8.B95 (CLOUD) 20180905
Sophos AV Mal/Generic-S 20180905
Symantec ML.Attribute.HighConfidence 20180905
Webroot W32.Trojan.Emotet 20180906
ZoneAlarm by Check Point UDS:DangerousObject.Multi.Generic 20180905
Ad-Aware 20180905
AegisLab 20180905
AhnLab-V3 20180905
Alibaba 20180713
ALYac 20180905
Antiy-AVL 20180906
Arcabit 20180905
Avast-Mobile 20180905
Avira (no cloud) 20180905
AVware 20180905
Babable 20180902
BitDefender 20180905
Bkav 20180905
ClamAV 20180905
CMC 20180905
Comodo 20180905
Cybereason 20180225
Cyren 20180905
DrWeb 20180905
eGambit 20180906
F-Prot 20180905
F-Secure 20180906
Fortinet 20180905
GData 20180905
Jiangmin 20180906
K7AntiVirus 20180905
K7GW 20180905
Kingsoft 20180906
MAX 20180906
eScan 20180906
NANO-Antivirus 20180905
Panda 20180905
SentinelOne (Static ML) 20180830
SUPERAntiSpyware 20180905
Symantec Mobile Insight 20180905
TACHYON 20180905
Tencent 20180906
TheHacker 20180904
TotalDefense 20180905
TrendMicro 20180905
TrendMicro-HouseCall 20180905
Trustlook 20180906
VBA32 20180905
VIPRE 20180905
ViRobot 20180905
Yandex 20180905
Zillya 20180904
Zoner 20180905
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright (C) 2001-2003 BST
Product BSPlayer support DLL
Original name bsrendv2.dll
Internal name bsrendv2.dll
File version 2.00
Description BS SDLL
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-09-05 20:28:43
Entry Point 0x000239B7
Number of sections 5
PE sections
PE imports
GetCurrentHwProfileW
RegSetKeySecurity
EndPage
FindFirstFileExW
GetBinaryTypeA
GetModuleHandleA
StrChrNW
FreeCredentialsHandle
EnableWindow
FindNextUrlCacheEntryExA
FindFirstUrlCacheEntryExA
Number of PE resources by type
RT_DIALOG 2
RT_STRING 1
RT_VERSION 1
Number of PE resources by language
SLOVENIAN DEFAULT 3
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize 1006425862
LinkerVersion 12.1
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 2.0.0.0
LanguageCode English (U.S.)
FileFlagsMask 0x30003f
FileDescription BS SDLL
ImageFileCharacteristics No relocs, Executable, 32-bit
CharacterSet Windows, Latin1
InitializedDataSize 367104
EntryPoint 0x239b7
OriginalFileName bsrendv2.dll
MIMEType application/octet-stream
LegalCopyright Copyright (C) 2001-2003 BST
FileVersion 2.0
TimeStamp 2018:09:05 22:28:43+02:00
FileType Win32 EXE
PEType PE32
InternalName bsrendv2.dll
OLESelfRegister AM20
ProductVersion 2.0
SubsystemVersion 5.0
OSVersion 5.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName BST
CodeSize 146432
ProductName BSPlayer support DLL
ProductVersionNumber 2.0.0.0
FileTypeExtension exe
ObjectFileType Dynamic link library
File identification
MD5 d3fdb4f4f094b46baffb6bb84e918ed8
SHA1 0e194425e866ef211972c3b84c82464fd9ceb097
SHA256 e94caa8cdf3f794d97a18f59742dcb3a546232dbed13c2ca919827cdf6c33235
ssdeep 3072:xlM+IdcIO0d4pnuGN1PN9QAAQ8RJiLU7kyw4m7yyf1li5wVGsd3rQhmNCTwkhzUB:xXUO0enRp5PYgyfK3AjhljW+leI
authentihash 9eb7d5eb51534bfc695a5903257a27d3f5fdf47f08300320ccd1de23e090ea9c
imphash 260626ad804336e9602a438ff43007bc
File size 496.5 KB ( 508416 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID OS/2 Executable (generic) (25.2%)
Clipper DOS Executable (25.0%)
Generic Win/DOS Executable (24.8%)
DOS Executable Generic (24.8%)
Tags peexe
VirusTotal metadata
First submission 2018-09-05 20:40:14 UTC ( 5 months, 2 weeks ago )
Last submission 2018-11-08 23:37:22 UTC ( 3 months, 1 week ago )
File names r5unOkp9p.exe
MQW9IM87.exe
d3fdb4f4f094b46baffb6bb84e918ed8
u6UEkCEX.exe
18016640.exe
wBW6PUvcT44B.exe
LOrDJIE3id.exe
bsrendv2.dll
JnFJwWqb1e.exe
Fff9t2uLVAa.exe
JhlaAD7m0IX.exe
OrI2GTQs.exe
19392912.exe
Ju4LmjaB.exe