SHA256: ec2ebc99839808e2c4caf487be9f9a14a11b99ec4d10acd7d2d99fba0b87757a
File name: codexgigas_bea2e21630ac59535d6bdee75b181cc25169edc5
Detection ratio: 21 / 66
Analysis date: 2018-09-01 18:08:38 UTC ( 5 months, 3 weeks ago )
Antivirus Result Update
Avast FileRepMalware 20180901
AVG FileRepMalware 20180901
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20180830
CAT-QuickHeal Trojan.Emotet.X4 20180901
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180723
Cylance Unsafe 20180901
Endgame malicious (high confidence) 20180730
ESET-NOD32 a variant of Win32/GenKryptik.CJVU 20180901
Sophos ML heuristic 20180717
Kaspersky Trojan-Banker.Win32.Emotet.bcdl 20180901
McAfee RDN/Generic.grp 20180901
McAfee-GW-Edition BehavesLike.Win32.Emotet.fm 20180901
Microsoft Trojan:Win32/Emotet.AC!bit 20180901
Palo Alto Networks (Known Signatures) generic.ml 20180901
Qihoo-360 HEUR/QVM20.1.9315.Malware.Gen 20180901
Rising Trojan.Emotet!8.B95 (CLOUD) 20180901
SentinelOne (Static ML) static engine - malicious 20180830
Symantec ML.Attribute.HighConfidence 20180901
TrendMicro-HouseCall Suspicious_GEN.F47V0901 20180901
Webroot W32.Trojan.Emotet 20180901
ZoneAlarm by Check Point UDS:DangerousObject.Multi.Generic 20180901
Ad-Aware 20180901
AegisLab 20180901
AhnLab-V3 20180901
Alibaba 20180713
Antiy-AVL 20180901
Arcabit 20180901
Avast-Mobile 20180901
Avira (no cloud) 20180901
AVware 20180823
Babable 20180822
BitDefender 20180901
Bkav 20180831
ClamAV 20180901
CMC 20180901
Comodo 20180901
Cybereason 20180225
Cyren 20180901
DrWeb 20180901
eGambit 20180901
Emsisoft 20180901
F-Prot 20180901
F-Secure 20180901
Fortinet 20180901
GData 20180901
Ikarus 20180901
Jiangmin 20180901
K7AntiVirus 20180901
K7GW 20180901
Kingsoft 20180901
Malwarebytes 20180901
MAX 20180901
eScan 20180901
NANO-Antivirus 20180901
Panda 20180901
Sophos AV 20180901
SUPERAntiSpyware 20180901
Symantec Mobile Insight 20180831
TACHYON 20180901
Tencent 20180901
TheHacker 20180829
TotalDefense 20180901
TrendMicro 20180901
Trustlook 20180901
VBA32 20180831
VIPRE 20180901
ViRobot 20180901
Yandex 20180831
Zoner 20180831
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright © Microsoft Corporation. All rights reserved.
Product Microsoft® Windows® Operating System
Original name RASSER.DLL
Internal name RASSER.DLL
File version 6.1.7600.16385 (win7_rtm.090713-1255)
Description Remote Access Media DLL for COM ports
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-09-01 19:01:19
Entry Point 0x0001B8C5
Number of sections 4
PE sections
PE imports
SetServiceBits
EnumEnhMetaFile
SetTextJustification
GetClipBox
GetTimeZoneInformation
SetSystemFileCacheSize
GetModuleHandleA
GetSystemRegistryQuota
GetCommandLineA
ReleaseActCtx
SetFileBandwidthReservation
SetupCopyOEMInfW
SHRegGetBoolUSValueA
GetWindowThreadProcessId
GetSubMenu
GetInputState
GetDesktopWindow
IsMenu
ReuseDDElParam
ChangeClipboardChain
PackDDElParam
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize 1006425862
LinkerVersion 12.1
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 6.1.7600.16385
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription Remote Access Media DLL for COM ports
ImageFileCharacteristics No relocs, Executable, 32-bit
CharacterSet Unicode
InitializedDataSize 297472
EntryPoint 0x1b8c5
OriginalFileName RASSER.DLL
MIMEType application/octet-stream
LegalCopyright Microsoft Corporation. All rights reserved.
FileVersion 6.1.7600.16385 (win7_rtm.090713-1255)
TimeStamp 2018:09:01 21:01:19+02:00
FileType Win32 EXE
PEType PE32
InternalName RASSER.DLL
ProductVersion 6.1.7600.16385
SubsystemVersion 5.0
OSVersion 5.0
FileOS Windows NT 32-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Microsoft Corporation
CodeSize 113152
ProductName Microsoft Windows Operating System
ProductVersionNumber 6.1.7600.16385
FileTypeExtension exe
ObjectFileType Dynamic link library

File identification
MD5 aaf0d15c410ea09ee7635ec28450064f
SHA1 bea2e21630ac59535d6bdee75b181cc25169edc5
SHA256 ec2ebc99839808e2c4caf487be9f9a14a11b99ec4d10acd7d2d99fba0b87757a
ssdeep 6144:J03a04bWqbBjNBE/zDZnPhiqryBCmSteSGdmlE:J03a04bWiBjNQDphiqrftWd
authentihash 0050ffc595c6733f352cf75faffe142f4a304729376e3a6ee9f7b3b68a3dc475
imphash 46454b2696c54c87c668d8996106ac7d
File size 397.0 KB ( 406528 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID OS/2 Executable (generic) (25.2%)
Clipper DOS Executable (25.0%)
Generic Win/DOS Executable (24.8%)
DOS Executable Generic (24.8%)
Tags peexe

VirusTotal metadata
First submission 2018-09-01 13:08:24 UTC ( 5 months, 3 weeks ago )
Last submission 2018-09-13 20:03:46 UTC ( 5 months, 1 week ago )
File names RASSER.DLL
Ie0AWposwBL.exe
3BoVgMTqnYC.exe
1BB7B1A.exe
codexgigas_bea2e21630ac59535d6bdee75b181cc25169edc5
18934160.exe
21555600.exe
output.113965077.txt