SHA256: ed65c68cf17030d1aa7634efae54c4f0172335e8fc46fee56c429a92e6a79f5e
File name: 6E7DCE37.exe
Detection ratio: 16 / 67
Analysis date: 2018-10-04 18:36:05 UTC ( 4 months, 2 weeks ago )
Antivirus Result Update
AVG FileRepMalware 20181004
CMC Trojan.Win32.Obfuscated.en!O 20181004
Comodo TrojWare.Win32.TrojanDownloader.Agent.nvav 20181004
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20180723
Endgame malicious (high confidence) 20180730
Sophos ML heuristic 20180717
Kaspersky UDS:DangerousObject.Multi.Generic 20181004
McAfee Artemis!8A098B2FCFAF 20181004
McAfee-GW-Edition Artemis!Trojan 20181004
Palo Alto Networks (Known Signatures) generic.ml 20181004
Qihoo-360 HEUR/QVM20.1.4D69.Malware.Gen 20181004
Rising Trojan.Azden!8.F0E3 (CLOUD) 20181004
SentinelOne (Static ML) static engine - malicious 20180926
VBA32 BScope.TrojanBanker.Emotet 20181004
Webroot W32.Trojan.Emotet 20181004
ZoneAlarm by Check Point UDS:DangerousObject.Multi.Generic 20181004
Ad-Aware 20181004
AegisLab 20181004
AhnLab-V3 20181004
Alibaba 20180921
ALYac 20181004
Antiy-AVL 20181004
Arcabit 20181004
Avast 20181004
Avast-Mobile 20181004
Avira (no cloud) 20181004
AVware 20180925
Babable 20180918
Baidu 20180930
BitDefender 20181004
Bkav 20181003
CAT-QuickHeal 20181004
ClamAV 20181004
Cybereason 20180225
Cylance 20181004
Cyren 20181004
DrWeb 20181004
eGambit 20181004
Emsisoft 20181004
ESET-NOD32 20181004
F-Prot 20181004
F-Secure 20181004
Fortinet 20181004
GData 20181004
Ikarus 20181004
Jiangmin 20181004
K7AntiVirus 20181004
K7GW 20181003
Kingsoft 20181004
Malwarebytes 20181004
MAX 20181004
Microsoft 20181004
eScan 20181004
NANO-Antivirus 20181004
Panda 20181004
Sophos AV 20181004
SUPERAntiSpyware 20181004
Symantec 20181004
Symantec Mobile Insight 20181001
TACHYON 20181004
Tencent 20181004
TheHacker 20181001
TotalDefense 20181004
TrendMicro 20181004
TrendMicro-HouseCall 20181004
Trustlook 20181004
VIPRE 20181004
ViRobot 20181004
Yandex 20181004
Zillya 20181003
Zoner 20181004
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright © 2002
Product e_Db 5.0 Expert Edition
Original name edb500x
Internal name e_Db 5.0 for Windows, Expert
File version 5, 0, 0, 1
Description e_Db 5.0 Expert Edition
Comments Client / server enabled build
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2002-06-28 13:48:13
Entry Point 0x0000E283
Number of sections 4
PE sections
PE imports
GetSaveFileNameA
CommDlgExtendedError
CertOpenSystemStoreA
CryptMsgDuplicate
CreatePatternBrush
SelectObject
GetGlyphOutlineW
StrokePath
GetClipRgn
EnumObjects
RectVisible
LineTo
Arc
GetKerningPairsA
MaskBlt
BitBlt
Polyline
GdiSetBatchLimit
OffsetClipRgn
ImmGetContext
OpenMutexA
WaitForMultipleObjectsEx
TransmitCommChar
lstrcpynA
GetNamedPipeInfo
GetBinaryTypeW
GetModuleHandleExW
GetModuleHandleA
lstrcatA
GetConsoleTitleW
SetConsoleHistoryInfo
GetLongPathNameA
CommConfigDialogA
GetLocalTime
GetThreadUILanguage
GetBinaryTypeA
LZSeek
LZInit
acmStreamOpen
ICLocate
NetApiBufferSize
NetGroupGetUsers
RasFreeEapUserIdentityW
RpcServerUseProtseqIfW
CM_Locate_DevNodeW
SHRegGetUSValueA
PathRemoveFileSpecA
StrTrimA
PathFileExistsA
IsClipboardFormatAvailable
WaitMessage
FlashWindow
BeginPaint
GetUpdateRgn
EnumWindows
EnumChildWindows
GetMenuState
ToAsciiEx
RealGetWindowClassA
VerQueryValueW
InternetOpenUrlA
InternetFindNextFileA
midiInGetDevCapsA
mixerGetLineControlsW
PlaySoundA
GetDriverModuleHandle
midiInAddBuffer
DeletePrinterDriverExW
CloseColorProfile
Ord(29)
RtlCompareMemory
memset
strlen
RtlInterlockedPopEntrySList
OleConvertOLESTREAMToIStorage
CoDisconnectObject
OleSetContainedObject
PdhMakeCounterPathW
Number of PE resources by type
RT_DIALOG 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 2
PE resources
Debug information
ExifTool file metadata
SpecialBuild NA
CodeSize 503808
SubsystemVersion 5.0
Comments Client / server enabled build
LinkerVersion 6.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 5.0.0.1
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription e_Db 5.0 Expert Edition
ImageFileCharacteristics No relocs, Executable, 32-bit
CharacterSet Unicode
InitializedDataSize 61440
PrivateBuild NA
EntryPoint 0xe283
OriginalFileName edb500x
MIMEType application/octet-stream
LegalCopyright Copyright 2002
FileVersion 5, 0, 0, 1
TimeStamp 2002:06:28 15:48:13+02:00
FileType Win32 EXE
PEType PE32
InternalName e_Db 5.0 for Windows, Expert
ProductVersion 5, 0, 0, 1
UninitializedDataSize 0
OSVersion 5.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Simple Software Solutions, Inc.
LegalTrademarks e_Db, e_Fs, e_Comm
ProductName e_Db 5.0 Expert Edition
ProductVersionNumber 5.0.0.1
FileTypeExtension exe
ObjectFileType Dynamic link library

File identification
MD5 8a098b2fcfaf335d3902eff6b2ba67a6
SHA1 4ffb321f79ccd0fa955d0ff8ba3a25464697bc9e
SHA256 ed65c68cf17030d1aa7634efae54c4f0172335e8fc46fee56c429a92e6a79f5e
ssdeep 3072:RL0GK4qErPoZPgNxGvRlQi5vcZPsl8pRqiUFEF:RL0GZXrOINQ5zvcJoqRqiU
authentihash e7bd92774196e93b5f414ea9d31e958b31a88b759b3b50f913ae928f4ec195f1
imphash aa38d37313a02fc372f30eeac76e8d9e
File size 552.0 KB ( 565248 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags peexe
VirusTotal metadata
First submission 2018-10-04 15:34:41 UTC ( 4 months, 2 weeks ago )
Last submission 2018-10-04 17:38:31 UTC ( 4 months, 2 weeks ago )
File names ma5rppGjb.exe
ho4uKiwxwcXj.exe
YZob0gHfP.exe
as5PadGjC.exe
edb500x
peTU3OKOmb4.exe
e_Db 5.0 for Windows, Expert
yCv4XaLO0Fq.exe
kipnUk20V.exe
lanesattrib.exe
JcTG4UXdfwDV.exe
BCoH1wR7p.exe
0lplCq0e8A.exe
6E7DCE37.exe
texasleelaw.exe
sUwX6r1zNU1x.exe
7DXvaPM0P5D.exe
cMgp56qEVZ6.exe
wIJHiOmo.exe
Xs5qFSIJTxX.exe
ILmzfKIoAm.exe
edb500x.exe
sJiKtMKfwmhe.exe
X53bujQGe441.exe
Advanced heuristic and reputation engines