SHA256: ef2d26e82fdb64679ac65b9fde4bb70575a116ec9ce69e03d2313a2d742c146b
File name: G3Ap2ThwHd8jwZ.exe
Detection ratio: 44 / 70
Analysis date: 2018-12-31 01:05:19 UTC ( 1 month, 3 weeks ago )
Antivirus Result Update
Ad-Aware Trojan.Autoruns.GenericKDS.31453563 20181231
ALYac Trojan.Autoruns.GenericKDS.31453563 20181231
Arcabit Trojan.Autoruns.GenericS.D1DFF17B 20181230
Avast Win32:Malware-gen 20181230
AVG Win32:Malware-gen 20181230
Avira (no cloud) TR/AD.Emotet.tixks 20181230
BitDefender Trojan.Autoruns.GenericKDS.31453563 20181230
Comodo Malware@#2rn2gi11zu3nn 20181230
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20181022
Cybereason malicious.17f2c4 20180225
Cylance Unsafe 20181231
Cyren W32/Trojan.EOLT-1584 20181230
Emsisoft Trojan.Autoruns.GenericKDS.31453563 (B) 20181230
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of Win32/Kryptik.GODV 20181230
F-Secure Trojan.Autoruns.GenericKDS.31453563 20181230
Fortinet W32/GenKryptik.CVDR!tr 20181230
GData Trojan.Autoruns.GenericKDS.31453563 20181230
Ikarus Trojan.Autoruns.GenericKDS 20181230
Sophos ML heuristic 20181128
K7AntiVirus Trojan ( 0054488c1 ) 20181230
K7GW Trojan ( 0054488c1 ) 20181230
Kaspersky Trojan-Banker.Win32.Emotet.bwyk 20181230
Malwarebytes Trojan.Emotet.Generic 20181230
McAfee Emotet-FID!29880EE17F2C 20181230
McAfee-GW-Edition Emotet-FID!29880EE17F2C 20181230
Microsoft Trojan:Win32/Emotet.AC!bit 20181230
eScan Trojan.Autoruns.GenericKDS.31453563 20181230
NANO-Antivirus Trojan.Win32.Emotet.flpnqa 20181230
Palo Alto Networks (Known Signatures) generic.ml 20181231
Panda Trj/CI.A 20181230
Qihoo-360 Win32/Trojan.946 20181231
Rising Trojan.Emotet!8.B95 (CLOUD) 20181230
SentinelOne (Static ML) static engine - malicious 20181223
Sophos AV Mal/EncPk-ANY 20181230
Symantec Packed.Generic.517 20181230
TACHYON Banker/W32.Emotet.240128 20181230
Tencent Win32.Trojan-banker.Emotet.Hsiy 20181231
Trapmine malicious.high.ml.score 20181205
TrendMicro TROJ_GEN.R002C0OLS18 20181230
TrendMicro-HouseCall TROJ_GEN.R002C0OLS18 20181230
VBA32 BScope.Trojan.Emotet 20181229
Webroot Bitcoinminer.Gen 20181231
ZoneAlarm by Check Point Trojan-Banker.Win32.Emotet.bwyk 20181231
Acronis 20181227
AegisLab 20181230
Alibaba 20180921
Antiy-AVL 20181230
Avast-Mobile 20181230
Babable 20180918
Baidu 20181207
Bkav 20181227
CAT-QuickHeal 20181230
ClamAV 20181230
CMC 20181230
DrWeb 20181230
eGambit 20181231
F-Prot 20181230
Jiangmin 20181230
Kingsoft 20181231
MAX 20181231
SUPERAntiSpyware 20181226
Symantec Mobile Insight 20181225
TheHacker 20181230
TotalDefense 20181230
Trustlook 20181231
VIPRE 20181231
ViRobot 20181231
Yandex 20181229
Zillya 20181228
Zoner 20181231
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright 1998-2006 AOL LLC
Product XPRT Runtime Library
Original name xprt.exe
Internal name xprt
File version 6.2.1.1
Description XPRT Runtime Library
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2004-08-04 07:56:09
Entry Point 0x00005D93
Number of sections 6
PE sections
PE imports
GetTextMetricsA
GetColorAdjustment
EnumResourceTypesA
FlsFree
Wow64EnableWow64FsRedirection
LoadLibraryW
VirtualLock
VerifyScripts
GetModuleHandleW
GetWindowThreadProcessId
DrawFocusRect
GetUserObjectInformationW
GetKeyboardLayoutNameA
GetLastActivePopup
GetDialogBaseUnits
GetTabbedTextExtentW
strcspn
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize 1
LinkerVersion 12.0
ImageVersion 0.1
FileSubtype 0
FileVersionNumber 6.2.1.1
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription XPRT Runtime Library
ImageFileCharacteristics No relocs, Executable, 32-bit
CharacterSet Unicode
InitializedDataSize 218624
EntryPoint 0x5d93
OriginalFileName xprt.exe
MIMEType application/octet-stream
LegalCopyright Copyright 1998-2006 AOL LLC
FileVersion 6.2.1.1
TimeStamp 2004:08:04 09:56:09+02:00
FileType Win32 EXE
PEType PE32
InternalName xprt
ProductVersion 6.2.1.1
SubsystemVersion 5.1
OSVersion 5.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName AOL LLC
CodeSize 27648
ProductName XPRT Runtime Library
ProductVersionNumber 6.2.1.1
FileTypeExtension exe
ObjectFileType Executable application

File identification
MD5 29880ee17f2c43d97e7778919aaa8cf7
SHA1 9ce4dd45c0570dde357d48a70f01bda57e8afcf3
SHA256 ef2d26e82fdb64679ac65b9fde4bb70575a116ec9ce69e03d2313a2d742c146b
ssdeep 3072:aeWYyKmcVaWFs8V8RxaXj48rIRUHfMF+:apYmsaWFsE8naXj4XRU/MF
authentihash 379b9ffa2be39483c73859424999255731cc10529e58fb5dac5bfc807ff56b7e
imphash 7ad6b24643569264823a5f82cafaeef6
File size 234.5 KB ( 240128 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (34.2%)
Win32 Executable (generic) (23.4%)
Win16/32 Executable Delphi generic (10.7%)
OS/2 Executable (generic) (10.5%)
Generic Win/DOS Executable (10.4%)
Tags peexe
VirusTotal metadata
First submission 2018-12-26 15:59:26 UTC ( 1 month, 3 weeks ago )
Last submission 2018-12-26 15:59:26 UTC ( 1 month, 3 weeks ago )
File names xprt.exe
G3Ap2ThwHd8jwZ.exe
xprt