× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: eb47dc4154d7110e56016cb9e2f897e5c8f48e34b067f6e4c0ff6f6249d7aaca
File name: 22931312.exe
Detection ratio: 48 / 68
Analysis date: 2018-11-13 21:06:10 UTC ( 3 months, 1 week ago ) View latest
Antivirus Result Update
Ad-Aware Trojan.Autoruns.GenericKDS.31328707 20181112
AegisLab Trojan.Win32.Emotet.4!c 20181113
AhnLab-V3 Trojan/Win32.Emotet.R242486 20181113
ALYac Trojan.Autoruns.GenericKDS.31328707 20181113
Antiy-AVL Trojan[Banker]/Win32.Emotet 20181113
Arcabit Trojan.Autoruns.GenericS.D1DE09C3 20181113
Avast Win32:BankerX-gen [Trj] 20181113
AVG Win32:BankerX-gen [Trj] 20181113
Avira (no cloud) TR/Crypt.XPACK.Gen 20181113
BitDefender Trojan.Autoruns.GenericKDS.31328707 20181113
Bkav HW32.Packed. 20181113
CAT-QuickHeal Trojan.IGENERIC 20181113
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20181022
Cybereason malicious.e2d67a 20180225
Cylance Unsafe 20181113
Cyren W32/Trojan.VESH-6899 20181113
Emsisoft Trojan.Autoruns.GenericKDS.31328707 (B) 20181113
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of Win32/Kryptik.GMMN 20181113
F-Prot W32/Emotet.IL.gen!Eldorado 20181113
F-Secure Trojan.Autoruns.GenericKDS.31328707 20181113
Fortinet W32/GenKryptik.CPVU!tr 20181113
GData Trojan.Autoruns.GenericKDS.31328707 20181113
Ikarus Trojan.Autoruns.GenericKDS 20181113
Sophos ML heuristic 20181108
K7AntiVirus Riskware ( 0040eff71 ) 20181113
K7GW Riskware ( 0040eff71 ) 20181113
Kaspersky Trojan-Banker.Win32.Emotet.bnsh 20181113
Malwarebytes Trojan.Emotet 20181113
MAX malware (ai score=99) 20181113
McAfee RDN/Generic.grp 20181113
McAfee-GW-Edition BehavesLike.Win32.Emotet.cc 20181113
Microsoft Trojan:Win32/Emotet.AC!bit 20181113
eScan Trojan.Autoruns.GenericKDS.31328707 20181113
Palo Alto Networks (Known Signatures) generic.ml 20181113
Panda Trj/GdSda.A 20181113
Qihoo-360 Win32/Trojan.28b 20181113
Rising Trojan.GenKryptik!8.AA55 (CLOUD) 20181113
SentinelOne (Static ML) static engine - malicious 20181011
Sophos AV Mal/EncPk-ANY 20181113
Symantec Trojan.Emotet 20181113
TACHYON Banker/W32.Emotet.131072.AG 20181113
TrendMicro TROJ_GEN.R002C0CK518 20181113
TrendMicro-HouseCall TrojanSpy.Win32.EMOTET.SMDS.hp 20181113
VBA32 BScope.TrojanBanker.Emotet 20181113
Webroot W32.Trojan.Emotet 20181113
Zillya Trojan.Emotet.Win32.7128 20181113
ZoneAlarm by Check Point Trojan-Banker.Win32.Emotet.bnsh 20181113
Alibaba 20180921
Avast-Mobile 20181113
Babable 20180918
Baidu 20181112
ClamAV 20181113
CMC 20181113
DrWeb 20181113
eGambit 20181113
Jiangmin 20181113
Kingsoft 20181113
NANO-Antivirus 20181113
SUPERAntiSpyware 20181107
Symantec Mobile Insight 20181108
Tencent 20181113
TheHacker 20181108
TotalDefense 20181113
Trustlook 20181113
VIPRE 20181113
ViRobot 20181113
Yandex 20181113
Zoner 20181113
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Internal name ttggv (3
File version 1.0
Description ToggleView
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-07-27 17:30:04
Entry Point 0x00003220
Number of sections 6
PE sections
PE imports
IsValidSecurityDescriptor
AllocateLocallyUniqueId
FrameRgn
DeleteColorSpace
GetStretchBltMode
SetTextJustification
UnrealizeObject
BitBlt
ExtSelectClipRgn
GetNamedPipeClientProcessId
QueryThreadCycleTime
ZombifyActCtx
IsSystemResumeAutomatic
GetCommandLineW
EscapeCommFunction
GetThreadLocale
GetCommMask
FindFirstFileNameW
TzSpecificLocalTimeToSystemTime
GetLogicalProcessorInformation
VarBstrCat
ToUnicodeEx
GetListBoxInfo
GetCursorPos
SetWindowContextHelpId
IsGUIThread
GetPhysicalCursorPos
DdeEnableCallback
GetMenuDefaultItem
GetThreadDesktop
CoLoadLibrary
CoUninitialize
OleDestroyMenuDescriptor
Number of PE resources by type
RT_STRING 3
RT_VERSION 1
Number of PE resources by language
NORWEGIAN BOKMAL 4
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
13.0

ImageVersion
0.1

FileSubtype
0

FileVersionNumber
1.6.0.0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
ToggleView

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
151552

EntryPoint
0x3220

OriginalFileName
ttggv.exe

MIMEType
application/octet-stream

FileVersion
1.0

TimeStamp
2013:07:27 19:30:04+02:00

FileType
Win32 EXE

PEType
PE32

InternalName
ttggv (3

ProductVersion
1.0

SubsystemVersion
5.0

OSVersion
6.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Micro

CodeSize
12288

ProductName
Microsoft

ProductVersionNumber
1.6.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 14fd4ce511da97612ffc245fd2114269
SHA1 f055664e2d67abf56d7a3550aa6613bf3c801857
SHA256 eb47dc4154d7110e56016cb9e2f897e5c8f48e34b067f6e4c0ff6f6249d7aaca
ssdeep
1536:Jm12DgGznTLb3HgZewHGYN58n1C+sD2CZCu0I4/iej14/e1J67j9H+a:Jt0G7TLLALmI5v+xCZCu05iW1i+a

authentihash eb00991a88a32cf4523abc4631d5e17cdb7243c16f94e8181c6b6385aac9e113
imphash 164294a5ea1ee17c6af3bf7be0be5d51
File size 128.0 KB ( 131072 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (34.2%)
Win32 Executable (generic) (23.4%)
Win16/32 Executable Delphi generic (10.7%)
OS/2 Executable (generic) (10.5%)
Generic Win/DOS Executable (10.4%)
Tags
peexe

VirusTotal metadata
First submission 2018-11-02 13:40:27 UTC ( 3 months, 3 weeks ago )
Last submission 2018-11-02 13:40:27 UTC ( 3 months, 3 weeks ago )
File names ttggv (3
22931312.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!