× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: f60b127f79a7a2b9858df75258b8e3e176d99f3da395641bd125ae938ddad08c
File name: WOBtnS_v21eJ.exe
Detection ratio: 16 / 69
Analysis date: 2018-12-19 17:21:41 UTC ( 1 month, 4 weeks ago ) View latest
Antivirus Result Update
Acronis malware 20180726
Bkav HW32.Packed. 20181219
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20181022
Cybereason malicious.36f5b2 20180225
Cylance Unsafe 20181219
eGambit Unsafe.AI_Score_99% 20181219
Endgame malicious (high confidence) 20181108
Sophos ML heuristic 20181128
McAfee GenericRXGR-QC!42AD27DE17A6 20181219
McAfee-GW-Edition BehavesLike.Win32.Emotet.cc 20181219
Microsoft Trojan:Win32/Fuerboos.A!cl 20181219
Qihoo-360 HEUR/QVM20.1.F961.Malware.Gen 20181219
Rising Malware.Heuristic!ET#99% (RDM+:cmRtazpUKtFHQT2hdjO0Y22J3sfA) 20181219
SentinelOne (Static ML) static engine - malicious 20181011
Symantec ML.Attribute.HighConfidence 20181219
Trapmine malicious.high.ml.score 20181205
Ad-Aware 20181219
AegisLab 20181219
AhnLab-V3 20181219
Alibaba 20180921
Antiy-AVL 20181219
Arcabit 20181219
Avast 20181219
Avast-Mobile 20181219
AVG 20181219
Avira (no cloud) 20181219
Babable 20180918
Baidu 20181207
BitDefender 20181219
CAT-QuickHeal 20181219
ClamAV 20181219
CMC 20181218
Comodo 20181219
Cyren 20181219
DrWeb 20181219
Emsisoft 20181219
ESET-NOD32 20181219
F-Prot 20181219
F-Secure 20181219
Fortinet 20181219
GData 20181219
Ikarus 20181219
Jiangmin 20181219
K7AntiVirus 20181219
K7GW 20181219
Kaspersky 20181219
Kingsoft 20181219
Malwarebytes 20181219
MAX 20181219
eScan 20181219
NANO-Antivirus 20181219
Palo Alto Networks (Known Signatures) 20181219
Panda 20181219
Sophos AV 20181219
SUPERAntiSpyware 20181212
Symantec Mobile Insight 20181215
TACHYON 20181219
Tencent 20181219
TheHacker 20181216
TotalDefense 20181219
TrendMicro 20181219
TrendMicro-HouseCall 20181219
Trustlook 20181219
VBA32 20181219
ViRobot 20181219
Webroot 20181219
Yandex 20181219
Zillya 20181219
ZoneAlarm by Check Point 20181219
Zoner 20181219
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
© Microsoft

Product Microsoft®
Original name kbdth3.dll
Internal name TCPSVCS.EXE
Description TCP/IP Services Application
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2002-07-18 02:23:20
Entry Point 0x00002B70
Number of sections 9
PE sections
PE imports
RemoveUsersFromEncryptedFile
GetSecurityDescriptorRMControl
OffsetClipRgn
GetEnvironmentStrings
GetNamedPipeServerProcessId
GetThreadLocale
GetThreadTimes
GlobalMemoryStatusEx
GetBinaryTypeA
GetCurrentThread
Ord(29)
SendMessageA
GetLastInputInfo
DlgDirListW
GetMenuContextHelpId
CopyIcon
GetKeyState
g_rgSCardT1Pci
memmove
OleFlushClipboard
Number of PE resources by type
RT_BITMAP 1
RT_VERSION 1
Number of PE resources by language
JAPANESE DEFAULT 2
PE resources
Debug information
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2002:07:18 03:23:20+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
135168

LinkerVersion
2.0

ImageFileCharacteristics
Executable, 32-bit

EntryPoint
0x2b70

InitializedDataSize
0

SubsystemVersion
5.0

ImageVersion
5.1

OSVersion
6.0

UninitializedDataSize
0

File identification
MD5 42ad27de17a635cbbb3112ad6e908437
SHA1 d61faf936f5b224f5bcd92c3ae98a4336a32101f
SHA256 f60b127f79a7a2b9858df75258b8e3e176d99f3da395641bd125ae938ddad08c
ssdeep
1536:4SflUcZwwXAiaa0pNt+0bePOB/KzdAhq2c0SvDI:nflUcZwwf507t+0bTB/KzdAhq2b1

authentihash 3eb93247a6a91f3412de12c86ef45961ba381c310a7ea51b4130c0e80388ff29
imphash b373937656301bde8eb94e06cb136e6d
File size 124.0 KB ( 126976 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe

VirusTotal metadata
First submission 2018-12-19 17:21:41 UTC ( 1 month, 4 weeks ago )
Last submission 2018-12-19 17:39:40 UTC ( 1 month, 4 weeks ago )
File names YY_M2KOFRK6H.EXE
kbdth3.dll
TCPSVCS.EXE
WOBtnS_v21eJ.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!