× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: f8e12539160e3fb2ea10ad450dc6121c6f222236d8ed4c763568067eda88623a
File name: H4FeAHxM1.exe
Detection ratio: 20 / 65
Analysis date: 2018-11-23 14:39:01 UTC ( 2 months, 4 weeks ago ) View latest
Antivirus Result Update
Avast FileRepMalware 20181123
AVG FileRepMalware 20181123
Bkav HW32.Packed. 20181123
ClamAV Win.Trojan.Emotet-6748800-0 20181123
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20181022
Cybereason malicious.ed3e20 20180225
Endgame malicious (high confidence) 20181108
Fortinet W32/GenKryptik.CRRV!tr 20181123
Sophos ML heuristic 20181108
Kaspersky UDS:DangerousObject.Multi.Generic 20181123
McAfee-GW-Edition BehavesLike.Win32.Emotet.cc 20181123
Microsoft Trojan:Win32/Fuery.B!cl 20181123
Palo Alto Networks (Known Signatures) generic.ml 20181123
Rising Trojan.Kryptik!1.B4D6 (CLASSIC) 20181123
SentinelOne (Static ML) static engine - malicious 20181011
Sophos AV Mal/EncPk-ANY 20181123
Symantec Trojan.Emotet 20181123
Trapmine malicious.high.ml.score 20180918
Webroot W32.Trojan.Emotet 20181123
ZoneAlarm by Check Point UDS:DangerousObject.Multi.Generic 20181123
Ad-Aware 20181123
AegisLab 20181123
AhnLab-V3 20181123
Alibaba 20180921
ALYac 20181123
Antiy-AVL 20181123
Arcabit 20181123
Avast-Mobile 20181123
Avira (no cloud) 20181123
Babable 20180918
Baidu 20181123
BitDefender 20181123
CAT-QuickHeal 20181123
CMC 20181123
Comodo 20181123
Cylance 20181123
Cyren 20181123
DrWeb 20181123
eGambit 20181123
Emsisoft 20181123
ESET-NOD32 20181123
F-Prot 20181123
F-Secure 20181123
GData 20181123
Ikarus 20181123
Jiangmin 20181123
K7AntiVirus 20181123
K7GW 20181123
Kingsoft 20181123
Malwarebytes 20181123
MAX 20181123
McAfee 20181123
eScan 20181123
NANO-Antivirus 20181123
Panda 20181123
Qihoo-360 20181123
SUPERAntiSpyware 20181121
Symantec Mobile Insight 20181121
TACHYON 20181123
Tencent 20181123
TheHacker 20181118
TrendMicro 20181123
TrendMicro-HouseCall 20181123
Trustlook 20181123
VBA32 20181123
ViRobot 20181123
Yandex 20181122
Zillya 20181123
Zoner 20181123
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Internal name o
Description ODBC
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1995-11-13 23:08:05
Entry Point 0x00003660
Number of sections 7
PE sections
PE imports
JetCloseTable
lstrcmpW
GetUserDefaultLocaleName
GetCommandLineW
IsWindow
SetCapture
SetCaretPos
GetScrollPos
GetClipboardOwner
GetKeyState
Number of PE resources by type
RT_STRING 2
RT_VERSION 1
Number of PE resources by language
NORWEGIAN BOKMAL 3
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
14.0

ImageVersion
0.1

FileVersionNumber
1.6.0.0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
ODBC

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

Ht
Microsoft Corporation. All r

EntryPoint
0x3660

MIMEType
application/octet-stream

TimeStamp
1995:11:14 00:08:05+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
o

SubsystemVersion
5.0

OSVersion
6.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

TVersion
1.0

CodeSize
12288

FileSubtype
0

ProductVersionNumber
1.6.0.0

InitializedDataSize
0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 a93314e4478d2a184d347c111946f42a
SHA1 534bb09ed3e203a3b18a216dc9eb63ab4c332db1
SHA256 f8e12539160e3fb2ea10ad450dc6121c6f222236d8ed4c763568067eda88623a
ssdeep
3072:Y5HLHv/SMWzzM45dW3f3P3nXdUh6h5U5OGa87y6:ELazifP3XdUh6Bg

authentihash 5eafda7f8ce7f8129976e75ee173e16a01e3992697bf64d2d4ef88a18701bf21
imphash 71c3438f165d0342ac4e94797caa5486
File size 132.0 KB ( 135168 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (34.2%)
Win32 Executable (generic) (23.4%)
Win16/32 Executable Delphi generic (10.7%)
OS/2 Executable (generic) (10.5%)
Generic Win/DOS Executable (10.4%)
Tags
peexe

VirusTotal metadata
First submission 2018-11-23 14:02:48 UTC ( 2 months, 4 weeks ago )
Last submission 2018-11-28 09:18:22 UTC ( 2 months, 3 weeks ago )
File names H4FeAHxM1.exe
0CJXo7EoQJX.exe
PXxFUNdLuAra.exe
fXza4sEjGs1.exe
dOoP9lAy3cqtp4tbi.exe
a93314e4478d2a184d347c111946f42a
MwdivcH52T4.exe
o
qllut6Io7.exe
WJCmn3xZd.exe
0dmpqnmpr7R.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!