SHA256: ec916443906000451f27113969c2bcfc82cd3f441f6e773199f4607fc9293d88
Detection ratio: 24 / 68
Analysis date: 2018-04-23 19:06:36 UTC ( 9 months, 4 weeks ago )
Antivirus Result Update
AegisLab Ml.Attribute.Gen!c 20180423
Babable Malware.HighConfidence 20180406
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20180423
Bkav HW32.Packed.2FBA 20180410
Comodo CloudScanner.Trojan.Gen 20180423
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20180418
Cybereason malicious.f782c2 20180225
Cylance Unsafe 20180423
eGambit Unsafe.AI_Score_64% 20180423
Endgame malicious (high confidence) 20180403
ESET-NOD32 a variant of Win32/GenKryptik.BXWU 20180423
Fortinet W32/Kryptik.GFRO!tr 20180423
Sophos ML heuristic 20180121
Kaspersky UDS:DangerousObject.Multi.Generic 20180423
McAfee GenericRXEX-RB!786DAB2C2871 20180423
McAfee-GW-Edition BehavesLike.Win32.Emotet.dc 20180423
Palo Alto Networks (Known Signatures) generic.ml 20180423
Qihoo-360 HEUR/QVM20.1.38CD.Malware.Gen 20180423
SentinelOne (Static ML) static engine - malicious 20180225
Sophos AV Mal/Generic-S 20180423
Symantec Packed.Generic.517 20180423
TrendMicro-HouseCall Suspicious_GEN.F47V0423 20180423
Webroot W32.Trojan.Emotet 20180423
ZoneAlarm by Check Point UDS:DangerousObject.Multi.Generic 20180423
Ad-Aware 20180423
AhnLab-V3 20180423
Alibaba 20180423
ALYac 20180423
Antiy-AVL 20180418
Arcabit 20180423
Avast 20180423
Avast-Mobile 20180423
AVG 20180423
Avira (no cloud) 20180423
AVware 20180423
BitDefender 20180423
CAT-QuickHeal 20180423
ClamAV 20180423
CMC 20180423
Cyren 20180423
DrWeb 20180423
Emsisoft 20180423
F-Prot 20180423
F-Secure 20180423
GData 20180423
Ikarus 20180423
Jiangmin 20180423
K7AntiVirus 20180423
K7GW 20180423
Kingsoft 20180423
Malwarebytes 20180423
MAX 20180423
Microsoft 20180423
eScan 20180423
NANO-Antivirus 20180423
nProtect 20180423
Panda 20180423
Rising 20180423
SUPERAntiSpyware 20180423
Symantec Mobile Insight 20180419
Tencent 20180423
TheHacker 20180423
TrendMicro 20180423
Trustlook 20180423
VBA32 20180423
VIPRE 20180423
ViRobot 20180423
Yandex 20180420
Zillya 20180423
Zoner 20180423
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-04-23 15:30:36
Entry Point 0x0000139A
Number of sections 6
PE sections
PE imports
CryptDestroyKey
CryptCreateHash
JetGotoBookmark
AbortPath
SaveDC
GetCommandLineA
DisconnectNamedPipe
DuplicateHandle
GetSystemDefaultLCID
GetCurrentProcessorNumber
VarDateFromCy
GetMenuPosFromID
SetFocus
GetMessagePos
TrackPopupMenu
GetOpenClipboardWindow
SetRectEmpty
GetCursor
GetForegroundWindow
IsDialogMessageA
Number of PE resources by type
RT_STRING 13
RT_BITMAP 5
Number of PE resources by language
NEUTRAL 18
PE resources
Debug information
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2018:04:23 17:30:36+02:00
FileType Win32 EXE
PEType PE32
CodeSize 12288
LinkerVersion 11.16
ImageFileCharacteristics Executable, 32-bit
EntryPoint 0x139a
InitializedDataSize 217088
SubsystemVersion 5.0
ImageVersion 0.0
OSVersion 5.0
UninitializedDataSize 0

File identification
MD5 786dab2c2871d2c2e1b855be892b6568
SHA1 918711af782c204e7d11198dafee4d7810e78c0a
SHA256 ec916443906000451f27113969c2bcfc82cd3f441f6e773199f4607fc9293d88
ssdeep 3072:brFv8ccOZU0d2j47dRBfrDmOzpn4CV4KN66OGCGJsp3PLv+QfpYvhFA3HcZOou78:rcOZU0d575jKOlWv3DPQFYqstf2gB

authentihash 46fde5d577f0e33df0559ecd0984bdd5dc06970c911d1bd045d5631a6187913b
imphash 852d35d3b02d669290b093c57ddb74f7
File size 224.0 KB ( 229376 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags peexe

VirusTotal metadata
First submission 2018-04-23 15:35:44 UTC ( 9 months, 4 weeks ago )
Last submission 2018-05-28 11:10:15 UTC ( 8 months, 3 weeks ago )
File names 70ee0ab5e83a84e660b75ac22dd82750d94541ab
0981.exe
battvsgd.exe
0475.exe
Advanced heuristic and reputation engines