SHA256: f05039f6d17e0d7b5800aa86b36224d030f43708202751790f9407673420fd2a
File name: ajCInrj.exe
Detection ratio: 44 / 71
Analysis date: 2019-01-07 13:56:05 UTC ( 1 month, 2 weeks ago )
Antivirus Result Update
AhnLab-V3 Malware/Gen.Generic.C2914604 20190107
ALYac Trojan.Autoruns.GenericKD.40910896 20190107
Arcabit Trojan.Autoruns.Generic.D2704030 20190107
Avast Win32:BankerX-gen [Trj] 20190107
AVG Win32:BankerX-gen [Trj] 20190107
Avira (no cloud) TR/AD.Emotet.lckrl 20190107
BitDefender Trojan.Autoruns.GenericKD.40910896 20190107
CAT-QuickHeal Trojan.Emotet.X4 20190107
Comodo Malware@#36z3yvvxpibg2 20190107
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20181022
Cylance Unsafe 20190107
Cyren W32/Trojan.STLS-4922 20190107
eGambit Unsafe.AI_Score_88% 20190107
Emsisoft Trojan.Autoruns.GenericKD.40910896 (B) 20190107
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of Win32/Kryptik.GOIJ 20190107
F-Secure Trojan.Autoruns.GenericKD.40910896 20190107
Fortinet W32/GenKryptik.CVSD!tr 20190107
GData Trojan.Autoruns.GenericKD.40910896 20190107
Ikarus Trojan-Spy.Win32.Emotet 20190106
Sophos ML heuristic 20181128
K7AntiVirus Riskware ( 0040eff71 ) 20190107
K7GW Riskware ( 0040eff71 ) 20190107
Kaspersky Trojan-Banker.Win32.Emotet.bydx 20190107
Malwarebytes Trojan.Emotet 20190107
MAX malware (ai score=100) 20190107
McAfee Emotet-FLL!BA1E6EA6298F 20190107
McAfee-GW-Edition Artemis!Trojan 20190107
Microsoft Trojan:Win32/Emotet.AC!bit 20190107
eScan Trojan.Autoruns.GenericKD.40910896 20190107
Palo Alto Networks (Known Signatures) generic.ml 20190107
Panda Trj/GdSda.A 20190106
Qihoo-360 HEUR/QVM19.1.53D9.Malware.Gen 20190107
Rising Trojan.Emotet!8.B95 (CLOUD) 20190107
SentinelOne (Static ML) static engine - malicious 20181223
Sophos AV Mal/Generic-S 20190107
Symantec Trojan.Gen.2 20190107
Trapmine malicious.moderate.ml.score 20190103
TrendMicro TROJ_GEN.R039C0GA619 20190107
TrendMicro-HouseCall TROJ_GEN.R039C0GA619 20190107
VIPRE Trojan.Win32.Generic!BT 20190107
ViRobot Trojan.Win32.Z.Fuerboos.352256 20190107
Webroot W32.Trojan.Emotet 20190107
ZoneAlarm by Check Point Trojan-Banker.Win32.Emotet.bydx 20190107
Acronis 20181227
AegisLab 20190107
Alibaba 20180921
Antiy-AVL 20190107
Avast-Mobile 20190106
AVware 20180925
Babable 20180918
Baidu 20190107
Bkav 20190104
ClamAV 20190107
CMC 20190106
Cybereason 20180225
DrWeb 20190107
F-Prot 20190107
Jiangmin 20190107
Kingsoft 20190107
NANO-Antivirus 20190107
SUPERAntiSpyware 20190102
TACHYON 20190107
Tencent 20190107
TheHacker 20190106
TotalDefense 20190107
Trustlook 20190107
VBA32 20190104
Yandex 20181229
Zillya 20190105
Zoner 20190107
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright © Microsoft Corporation. All rights
Product Microsoft
File version 6.1.7600.
Description Windows Socket2 NameSpa
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2004-08-04 07:56:09
Entry Point 0x00002D0A
Number of sections 5
PE sections
PE imports
SetSecurityDescriptorControl
GetCurrentHwProfileW
GetSecurityDescriptorControl
GetClusterResourceNetworkName
ExtSelectClipRgn
GetTextCharsetInfo
UnrealizeObject
FlattenPath
CreateHalftonePalette
GetPrivateProfileSectionNamesA
SetFileIoOverlappedRange
GetConsoleMode
FreeEnvironmentStringsW
GetModuleHandleA
IsSystemResumeAutomatic
GetConsoleCursorInfo
SetSystemPowerState
GetOEMCP
GetWindowsDirectoryA
RegisterApplicationRestart
GetComputerNameA
FindFirstFileW
GetUserDefaultLCID
FindResourceA
VerifyScripts
GetBinaryTypeA
FileTimeToLocalFileTime
LZSeek
SysStringByteLen
ToUnicodeEx
GetWindowThreadProcessId
BeginDeferWindowPos
GetPriorityClipboardFormat
GetTitleBarInfo
DdeAddData
UpdateLayeredWindowIndirect
GetRawInputBuffer
GetMenuCheckMarkDimensions
LookupIconIdFromDirectory
Number of PE resources by type
RT_DIALOG 24
RT_STRING 12
RT_VERSION 1
Number of PE resources by language
ENGLISH US 4
SWEDISH 3
PORTUGUESE 3
GERMAN 3
DUTCH 3
FRENCH 3
PORTUGUESE BRAZILIAN 3
SPANISH MODERN 3
ENGLISH UK 3
SPANISH 3
SPANISH MEXICAN 3
ITALIAN 3
PE resources
ExifTool file metadata
UninitializedDataSize 0
LinkerVersion 15.255
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 2.1.10.138
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription Windows Socket2 NameSpa
ImageFileCharacteristics Executable, 32-bit
CharacterSet Unicode
InitializedDataSize 57856
EntryPoint 0x2d0a
MIMEType application/octet-stream
LegalCopyright Microsoft Corporation. All rights
FileVersion 6.1.7600.
TimeStamp 2004:08:04 09:56:09+02:00
FileType Win32 EXE
PEType PE32
ProductVersion 6.1.7600
SubsystemVersion 5.1
OSVersion 5.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Microsoft Corporation
CodeSize 46080
ProductName Microsoft
ProductVersionNumber 2.6.2.116
FileTypeExtension exe
ObjectFileType Dynamic link library
File identification
MD5 ba1e6ea6298fc1e67215c4a87e046c9e
SHA1 c9469955e57f403715b6d94dbb426df82cdb4553
SHA256 f05039f6d17e0d7b5800aa86b36224d030f43708202751790f9407673420fd2a
ssdeep 3072:Z7NP5UzOEMxVg/S+4mfxhAWXXXOFRwobscedjCWY86bIWLu4Nrme/1Z:Z755KMxVo4mpDXHOF
authentihash 60ca81d80fc04d0335512f5ab5da2ffe56d4e77b997d8fee0399bc520871ab49
imphash 18f2346d53b423aefd204cdb1440c5b3
File size 344.0 KB ( 352256 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags peexe
VirusTotal metadata
First submission 2019-01-04 19:04:11 UTC ( 1 month, 2 weeks ago )
Last submission 2019-01-04 19:04:11 UTC ( 1 month, 2 weeks ago )
File names ajCInrj.exe