× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: f172aed17dad88cdd34085fcbdad3bd2383c1304f989bf6ebd84c21fa43b7cb1
File name: 625HyKuMx94ALN4v.exe
Detection ratio: 13 / 67
Analysis date: 2018-11-07 10:06:21 UTC ( 4 months, 2 weeks ago ) View latest
Antivirus Result Update
AegisLab Trojan.Win32.Generic.ljju 20181107
Avast FileRepMalware 20181107
AVG FileRepMalware 20181107
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20181022
Cylance Unsafe 20181107
Endgame malicious (high confidence) 20180730
Sophos ML heuristic 20180717
K7GW Hacktool ( 700007861 ) 20181107
Microsoft Trojan:Win32/Fuerboos.C!cl 20181107
Qihoo-360 HEUR/QVM20.1.0B4A.Malware.Gen 20181107
Rising Trojan.Fuerboos!8.EFC8 (TFE:dGZlOgI33aNXA8018g) 20181107
SentinelOne (Static ML) static engine - malicious 20181011
Symantec ML.Attribute.HighConfidence 20181107
Ad-Aware 20181107
AhnLab-V3 20181106
Alibaba 20180921
ALYac 20181107
Antiy-AVL 20181107
Arcabit 20181107
Avast-Mobile 20181107
Avira (no cloud) 20181107
Babable 20180918
Baidu 20181107
BitDefender 20181107
Bkav 20181107
CAT-QuickHeal 20181105
ClamAV 20181107
CMC 20181107
Cybereason 20180225
Cyren 20181107
DrWeb 20181107
eGambit 20181107
Emsisoft 20181107
ESET-NOD32 20181107
F-Prot 20181107
F-Secure 20181107
Fortinet 20181107
GData 20181107
Ikarus 20181107
Jiangmin 20181107
K7AntiVirus 20181107
Kaspersky 20181107
Kingsoft 20181107
Malwarebytes 20181107
MAX 20181107
McAfee 20181107
McAfee-GW-Edition 20181107
eScan 20181107
NANO-Antivirus 20181107
Palo Alto Networks (Known Signatures) 20181107
Panda 20181106
Sophos AV 20181107
SUPERAntiSpyware 20181107
Symantec Mobile Insight 20181105
TACHYON 20181107
Tencent 20181107
TheHacker 20181107
TotalDefense 20181107
TrendMicro 20181107
TrendMicro-HouseCall 20181107
Trustlook 20181107
VBA32 20181106
ViRobot 20181107
Webroot 20181107
Yandex 20181106
Zillya 20181106
ZoneAlarm by Check Point 20181107
Zoner 20181107
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
© Farm Corpora

Internal name apisetstub
File version 6.1.7601.2367
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-11-07 10:02:05
Entry Point 0x0000CEDB
Number of sections 4
PE sections
PE imports
GetClusterResourceNetworkName
Ellipse
GetMetaRgn
DescribePixelFormat
GetStringScripts
GetModuleHandleA
ApplicationRecoveryFinished
CreateCaret
LoadCursorW
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
NEUTRAL 1
PE resources
Debug information
ExifTool file metadata
LegalTrademarks
QQQQQqA, Netscape

UninitializedDataSize
0

InitializedDataSize
53248

ImageVersion
0.0

FileVersionNumber
1.4.20030.62408

LanguageCode
Neutral

FileFlagsMask
0x003f

ImageFileCharacteristics
No relocs, Executable, 32-bit

CharacterSet
Unicode

LinkerVersion
12.0

FileTypeExtension
exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
6.1.7601.2367

TimeStamp
2018:11:07 11:02:05+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
apisetstub

ProductVersion
6.1.7601.2367

SubsystemVersion
5.0

OSVersion
5.0

FileOS
Win32

LegalCopyright
Farm Corpora

MachineType
Intel 386 or later, and compatibles

CompanyName
Micros

CodeSize
413696

FileSubtype
0

ProductVersionNumber
1.4.0.0

EntryPoint
0xcedb

ObjectFileType
Dynamic link library

Execution parents
File identification
MD5 d90719fee0e998cd5ef251e08147d629
SHA1 ea51627af1f08d231d7939dc4ba0963ed4c6025f
SHA256 f172aed17dad88cdd34085fcbdad3bd2383c1304f989bf6ebd84c21fa43b7cb1
ssdeep
3072:Elqdqvw4252Jn1dzm/uOzq0r6RFLoS4TiJz7GBs:pE445Jn3zEqR1oSp6B

authentihash 7492f148b16294c30cc425e4aa0b154405bd59dd1b8490a3a386791a5618091b
imphash 89014b190e8a6f109271d3c27cbc4dcb
File size 452.0 KB ( 462848 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe

VirusTotal metadata
First submission 2018-11-07 10:06:21 UTC ( 4 months, 2 weeks ago )
Last submission 2018-11-19 17:49:31 UTC ( 4 months ago )
File names d90719fee0e998cd5ef251e08147d629
4.exe
Q31OEYZNLTHQHSHF.EXE
2729886.exe
99510332.exe
07.exe
cofireelement.exe
0321.exe
172.exe
260004.exe
25291224.EXE
168.exe
522166.exe
97.exe
89.exe
625HyKuMx94ALN4v.exe
8525.exe
9.exe
12.exe.5.dr
674.exe
3.exe
OKZVD9XZ3N3JVZ860C.EXE
16483601.exe
apisetstub
0.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!