SHA256: f065768a99ff30709577f54d55c7ca2c39808b71613dadc340070a6bd1e34ca9
File name: (9).exe
Detection ratio: 42 / 66
Analysis date: 2018-06-24 04:53:23 UTC ( 7 months, 3 weeks ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Razy.351823 20180624
AhnLab-V3 Trojan/Win32.Emotet.R230398 20180623
ALYac Trojan.Agent.Emotet 20180624
Antiy-AVL Trojan/Win32.Dovs 20180624
Arcabit Trojan.Razy.D55E4F 20180624
Avast FileRepMalware 20180624
AVG FileRepMalware 20180624
Avira (no cloud) TR/Crypt.Agent.deaxv 20180623
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20180622
BitDefender Gen:Variant.Razy.351823 20180624
Bkav HW32.Packed.9E94 20180623
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20180530
Cylance Unsafe 20180624
Cyren W32/Trojan.NTKI-8531 20180624
DrWeb Trojan.EmotetENT.246 20180624
Emsisoft Trojan.Emotet (A) 20180624
Endgame malicious (high confidence) 20180612
ESET-NOD32 a variant of Win32/Kryptik.GIBA 20180624
F-Prot W32/Emotet.CQ.gen!Eldorado 20180624
F-Secure Gen:Variant.Razy.351823 20180622
Fortinet W32/Kryptik.GIBA!tr 20180624
GData Win32.Trojan-Spy.Emotet.RT 20180624
Ikarus Trojan.Win32.Crypt 20180623
Sophos ML heuristic 20180601
Kaspersky Trojan.Win32.Dovs.oxj 20180624
Malwarebytes Trojan.Emotet 20180624
MAX malware (ai score=97) 20180624
McAfee Emotet-FHK!E12E0DC64B46 20180624
McAfee-GW-Edition BehavesLike.Win32.Emotet.ch 20180624
Microsoft Trojan:Win32/Emotet.AC!bit 20180624
eScan Gen:Variant.Razy.351823 20180624
NANO-Antivirus Trojan.Win32.Dovs.fejsjc 20180624
Palo Alto Networks (Known Signatures) generic.ml 20180624
Qihoo-360 Win32/Trojan.e8c 20180624
Rising Trojan.Kryptik!8.8 (RDM+:cmRtazpfUE7vnAnh8sBIr9ojilYK) 20180624
Sophos AV Mal/Generic-S 20180624
Symantec Trojan.Emotet 20180623
TrendMicro TROJ_GEN.R002C0DFN18 20180624
TrendMicro-HouseCall TROJ_GEN.R002C0DFN18 20180624
ViRobot Trojan.Win32.Z.Emotet.126979.B 20180623
Webroot W32.Trojan.Emotet 20180624
ZoneAlarm by Check Point Trojan.Win32.Dovs.oxj 20180624
AegisLab 20180622
Alibaba 20180622
Avast-Mobile 20180623
AVware 20180624
Babable 20180406
CAT-QuickHeal 20180623
ClamAV 20180623
CMC 20180623
Comodo 20180623
eGambit 20180624
Jiangmin 20180624
K7AntiVirus 20180624
K7GW 20180623
Kingsoft 20180624
Panda 20180623
SentinelOne (Static ML) 20180618
SUPERAntiSpyware 20180623
Symantec Mobile Insight 20180619
TACHYON 20180624
Tencent 20180624
TheHacker 20180622
Trustlook 20180624
VBA32 20180622
VIPRE 20180624
Yandex 20180622
Zillya 20180622
Zoner 20180623
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
(c)2008-2018 CPUID. All rights reserved.

Product CPUID Hardware Monitor
Original name HWMonitor.exe
Internal name HWMonitor.exe
File version 1, 3, 5, 0
Description HWMonitor
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-06-22 05:55:49
Entry Point 0x00001713
Number of sections 4
PE sections
Overlays
MD5 692c8022360661692872fdc730517229
File type ASCII text
Offset 126976
Size 3
Entropy 1.58
PE imports
CryptSetKeyParam
CryptVerifySignatureW
RegCloseKey
SetSecurityAccessMask
PolyPolygon
Pie
CreateEllipticRgn
GdiGetBatchLimit
GetThreadContext
LockFileEx
GetThreadId
SetProcessPriorityBoost
SetEvent
GetTickCount
FormatMessageA
GetSystemTimeAsFileTime
GetEnvironmentStringsW
CloseHandle
WritePrivateProfileStringW
FillConsoleOutputAttribute
GetCurrentThread
acmFormatEnumW
MapWindowPoints
GetWindowThreadProcessId
UnhookWinEvent
GetCursorInfo
GetCapture
DdeAbandonTransaction
UserHandleGrantAccess
GetClipboardSequenceNumber
GetClipboardData
OpenDriver
AddMonitorW
Number of PE resources by type
RT_STRING 26
RT_DIALOG 4
RT_BITMAP 4
RT_MENU 1
RT_ACCELERATOR 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 34
FRENCH 3
PE resources
Debug information
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2018:06:22 06:55:49+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
24576

LinkerVersion
0.0

ImageFileCharacteristics
No relocs, Executable, 32-bit

EntryPoint
0x1713

InitializedDataSize
65536

SubsystemVersion
5.0

ImageVersion
0.0

OSVersion
5.0

UninitializedDataSize
0

File identification
MD5 e12e0dc64b4643756b210ec3d8e9b450
SHA1 a339cc7ecfd02cdb722e2e5eadabbfb5a219a895
SHA256 f065768a99ff30709577f54d55c7ca2c39808b71613dadc340070a6bd1e34ca9
ssdeep
3072:yIJTIShJwbFFWglDkndduQ6aPfyEPpUWDzXF:yIJkPbfWIoduAPfV

authentihash c022a5233e0a8c369e262c9169232ca7fda7953841025b336c756fac39100290
imphash 6e0cd355c0dc20ed5eeb8daeed21c72d
File size 124.0 KB ( 126979 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe overlay

VirusTotal metadata
First submission 2018-06-22 22:41:59 UTC ( 7 months, 4 weeks ago )
Last submission 2018-09-14 02:33:32 UTC ( 5 months ago )
File names HWMonitor.exe
(9).exe
e12e0dc64b4643756b210ec3d8e9b450.virobj
(9)012.exe