SHA256: fba7a1735c7507d9959233980cc41481c45078e7fc1a3f82251e42ff77bed674
File name: 26731544.exe
Detection ratio: 49 / 69
Analysis date: 2018-12-14 14:58:56 UTC ( 2 months, 1 week ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Ser.Razy.709 20181214
AhnLab-V3 Trojan/Win32.Emotet.R239704 20181213
ALYac Trojan.Agent.Emotet 20181214
Antiy-AVL Trojan/Win32.Fuerboos 20181214
Arcabit Trojan.Ser.Razy.709 20181214
Avast Win32:Malware-gen 20181214
AVG Win32:Malware-gen 20181214
Avira (no cloud) TR/Crypt.XPACK.Gen 20181214
BitDefender Gen:Variant.Ser.Razy.709 20181214
CAT-QuickHeal Trojan.Emotet.X4 20181214
Comodo Malware@#2kkd7ijb1e4yz 20181214
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20181022
Cylance Unsafe 20181214
Cyren W32/Trojan.XWGS-4965 20181214
Emsisoft Gen:Variant.Ser.Razy.709 (B) 20181214
Endgame malicious (high confidence) 20181108
ESET-NOD32 Win32/Emotet.BR 20181214
F-Secure Gen:Variant.Ser.Razy.709 20181214
Fortinet W32/GenKryptik.COGQ!tr 20181214
GData Gen:Variant.Ser.Razy.709 20181214
Ikarus Trojan-Banker.Emotet 20181214
Sophos ML heuristic 20181128
K7AntiVirus Trojan ( 0053f19c1 ) 20181214
K7GW Trojan ( 0053f19c1 ) 20181214
Kaspersky Trojan-Banker.Win32.Emotet.bjag 20181214
Malwarebytes Trojan.Emotet 20181214
MAX malware (ai score=100) 20181214
McAfee RDN/Generic.dx 20181214
McAfee-GW-Edition BehavesLike.Win32.Emotet.gt 20181214
Microsoft Trojan:Win32/Emotet!rfn 20181214
eScan Gen:Variant.Ser.Razy.709 20181214
NANO-Antivirus Trojan.Win32.Emotet.fjjako 20181214
Palo Alto Networks (Known Signatures) generic.ml 20181214
Panda Trj/Emotet.C 20181213
Qihoo-360 HEUR/QVM20.1.944D.Malware.Gen 20181214
SentinelOne (Static ML) static engine - malicious 20181011
Sophos AV Mal/EncPk-ANY 20181214
Symantec Trojan.Emotet 20181214
Tencent Win32.Trojan-banker.Emotet.Taze 20181214
Trapmine malicious.moderate.ml.score 20181205
TrendMicro TrojanSpy.Win32.EMOTET.SMG.hp 20181214
TrendMicro-HouseCall TrojanSpy.Win32.EMOTET.SMG.hp 20181214
VBA32 BScope.TrojanBanker.Emotet 20181214
VIPRE Trojan.Win32.Generic!BT 20181214
ViRobot Trojan.Win32.Z.Razy.467968.F 20181214
Webroot W32.Trojan.Emotet 20181214
Yandex Trojan.PWS.Emotet! 20181214
Zillya Trojan.Emotet.Win32.6089 20181213
ZoneAlarm by Check Point Trojan-Banker.Win32.Emotet.bjag 20181214
AegisLab 20181214
Alibaba 20180921
Avast-Mobile 20181214
Babable 20180918
Baidu 20181207
Bkav 20181213
ClamAV 20181214
CMC 20181213
Cybereason 20180225
DrWeb 20181214
eGambit 20181214
F-Prot 20181214
Jiangmin 20181214
Kingsoft 20181214
Rising 20181214
SUPERAntiSpyware 20181212
Symantec Mobile Insight 20181212
TACHYON 20181214
TheHacker 20181213
TotalDefense 20181214
Zoner 20181214
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright © 1998-2005 Hauppauge Computer Works
Product HCWTVWND
Original name HCWTVWND.dll
Internal name HCWTVWND
File version 3, 01, 24111 PCI-USB DVBT/S PVR
Description HCWTVWND PCI-USB DVBT/S PVR
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-10-17 06:00:45
Entry Point 0x00002170
Number of sections 6
PE sections
PE imports
SetSecurityDescriptorControl
FillRgn
GetTickCount64
SetThreadPriority
IsProcessInJob
Wow64SetThreadContext
GetModuleHandleW
GetCurrentThread
GetFocus
GetNextDlgTabItem
UnhookWinEvent
IsZoomed
UnpackDDElParam
rand
strlen
MonikerRelativePathTo
CoRegisterClassObject
Number of PE resources by type
RT_DIALOG 3
RT_VERSION 1
Number of PE resources by language
ENGLISH US 4
PE resources
ExifTool file metadata
UninitializedDataSize 4294967295
LinkerVersion 12.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 3.1.24111.0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription HCWTVWND PCI-USB DVBT/S PVR
ImageFileCharacteristics Executable, 32-bit
CharacterSet Unicode
InitializedDataSize 462848
EntryPoint 0x2170
OriginalFileName HCWTVWND.dll
MIMEType application/octet-stream
LegalCopyright Copyright 1998-2005 Hauppauge Computer Works
FileVersion 3, 01, 24111 PCI-USB DVBT/S PVR
TimeStamp 2018:10:16 23:00:45-07:00
FileType Win32 EXE
PEType PE32
InternalName HCWTVWND
ProductVersion 3, 01, 24111 PCI-USB DVBT/S PVR
SubsystemVersion 5.0
OSVersion 5.0
FileOS Windows NT 32-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Hauppauge Computer Works
CodeSize 9728
ProductName HCWTVWND
ProductVersionNumber 3.1.24111.0
FileTypeExtension exe
ObjectFileType Dynamic link library

File identification
MD5 5cf6f6ee26cd1d28aa723fd01c084f2d
SHA1 931d6a06104b06f7b8008de0db6b35456d600364
SHA256 fba7a1735c7507d9959233980cc41481c45078e7fc1a3f82251e42ff77bed674
ssdeep
1536:ToV/b/6aeO9wzqR+0hjH8Sioag8jN+DEcITjYazWtn5GGWL7AxJ5aeRiJ3kvMY:Qb/6aTwGRJcS/ujwEcYjY3tnS7qIeOc

authentihash 17978aa9ae5db5ed1c40acbb84537367334b07de881ae1d1a6567caba62d502c
imphash 94b94f44cafc38aa28452abe5c7f8570
File size 457.0 KB ( 467968 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID OS/2 Executable (generic) (25.2%)
Clipper DOS Executable (25.0%)
Generic Win/DOS Executable (24.8%)
DOS Executable Generic (24.8%)
Tags peexe
VirusTotal metadata
First submission 2018-10-17 08:53:37 UTC ( 4 months ago )
Last submission 2018-10-29 12:16:04 UTC ( 3 months, 3 weeks ago )
File names volumefltr.exe
HCWTVWND.dll
dynamicconv.exe
HCWTVWND
volumelanes.exe
26731544.exe