SHA256: 6739c782d114307deaac42120a7061f51f9e74a86f1e60664997a269784143f2
Name: verclsid.exe
Detections: 53 / 65
Analysis date: 2018-09-28 01:02:54 UTC (2 weeks, 5 days ago)
Antivirus Result Update
Ad-Aware Trojan.GenericKD.4823002 20180927
AegisLab Trojan.Win32.Dridex.m!c 20180927
AhnLab-V3 Backdoor/Win32.Dridex.R198857 20180927
ALYac Trojan.Dridex.A 20180928
Antiy-AVL Trojan/Win32.TSGeneric 20180928
Arcabit Trojan.Generic.D4997DA 20180928
Avast Win32:GenMalicious-NYM [Trj] 20180927
AVG Win32:GenMalicious-NYM [Trj] 20180927
Avira (no cloud) TR/Crypt.ZPACK.Gen2 20180928
AVware Trojan.Win32.Generic!BT 20180925
BitDefender Trojan.GenericKD.4823002 20180928
Bkav HW32.Packed. 20180927
CAT-QuickHeal Backdoor.Dridex 20180927
ClamAV Win.Trojan.Agent-6260425-0 20180927
Comodo UnclassifiedMalware 20180928
CrowdStrike Falcon (ML) malicious_confidence_90% (D) 20180723
Cybereason malicious.f79cb0 20180225
Cylance Unsafe 20180928
Cyren W32/Agent.LXID-7388 20180927
Emsisoft Trojan.GenericKD.4823002 (B) 20180927
Endgame malicious (high confidence) 20180730
ESET-NOD32 Win32/Dridex.BC 20180928
F-Prot W32/Agent.MZLQ 20180927
F-Secure Trojan.GenericKD.4823002 20180927
Fortinet W32/Agent.YUH!tr 20180927
GData Win32.Trojan-Spy.Emotet.CO 20180927
Ikarus Trojan.Win32.Agent 20180927
Sophos ML heuristic 20180717
Jiangmin Backdoor.Dridex.aw 20180927
K7AntiVirus Trojan ( 0050acd61 ) 20180927
K7GW Trojan ( 0050acd61 ) 20180927
Kaspersky Backdoor.Win32.Dridex.gu 20180927
MAX malware (ai score=100) 20180928
McAfee Generic.abl 20180927
McAfee-GW-Edition BehavesLike.Win32.PWSZbot.cc 20180927
eScan Trojan.GenericKD.4823002 20180927
NANO-Antivirus Trojan.Win32.Dridex.enscza 20180928
Palo Alto Networks (Known Signatures) generic.ml 20180928
Panda Trj/Agent.AAK 20180927
Qihoo-360 Win32/Backdoor.3c1 20180928
Sophos AV Troj/Inject-CLN 20180927
Symantec Trojan.Cridex 20180927
TACHYON Backdoor/W32.Dridex.131072 20180927
Tencent Win32.Backdoor.Dridex.Dvzx 20180928
TrendMicro TSPY_KEGOTIP.YNP 20180928
TrendMicro-HouseCall TSPY_KEGOTIP.YNP 20180928
VBA32 Backdoor.Dridex 20180927
VIPRE Trojan.Win32.Generic!BT 20180927
ViRobot Trojan.Win32.Z.Dridex.131072.E 20180927
Yandex Trojan.Agent!xp8vuEkPCMY 20180927
Zillya Backdoor.Dridex.Win32.60 20180927
ZoneAlarm by Check Point Backdoor.Win32.Dridex.gu 20180925
Zoner Trojan.Dridex 20180927
Alibaba 20180921
Avast-Mobile 20180927
Babable 20180918
Baidu 20180927
CMC 20180927
DrWeb 20180927
eGambit 20180928
Kingsoft 20180928
Malwarebytes 20180927
Microsoft 20180927
Rising 20180928
SentinelOne (Static ML) 20180926
SUPERAntiSpyware 20180907
Symantec Mobile Insight 20180924
TheHacker 20180927
TotalDefense 20180925
Trustlook 20180928
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
FileVersionInfo properties
Copyright © Microsoft Corporation. All rights reserved.
Product Microsoft® Windows® Operating System
Original name verclsid.exe
Internal name verclsid.exe
File version 6.1.7600.16385 (win7_rtm.090713-1255)
Description Extension CLSID Verification Host
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-04-10 14:39:33
Entry Point 0x00001AA0
Number of sections 6
PE sections
PE imports
RegQueryValueExW
PolyDraw
StartPage
GetLastError
FileTimeToLocalFileTime
GetWindowsDirectoryW
LoadLibraryW
lstrcpyA
CopyFileA
FreeConsole
CompareStringOrdinal
GetProcAddress
MoveFileExA
MprAdminServerDisconnect
wnsprintfW
EnumerateSecurityPackagesW
wsprintfA
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 2
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize 0
LinkerVersion 8.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 6.1.7600.16385
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription Extension CLSID Verification Host
ImageFileCharacteristics Executable, No symbols, 32-bit
CharacterSet Unicode
InitializedDataSize 151552
EntryPoint 0x1aa0
OriginalFileName verclsid.exe
MIMEType application/octet-stream
LegalCopyright Microsoft Corporation. All rights reserved.
FileVersion 6.1.7600.16385 (win7_rtm.090713-1255)
TimeStamp 2017:04:10 15:39:33+01:00
FileType Win32 EXE
PEType PE32
InternalName verclsid.exe
ProductVersion 6.1.7600.16385
SubsystemVersion 4.0
OSVersion 4.0
FileOS Windows NT 32-bit
Subsystem Windows command line
MachineType Intel 386 or later, and compatibles
CompanyName Microsoft Corporation
CodeSize 12288
ProductName Microsoft Windows Operating System
ProductVersionNumber 6.1.7600.16385
FileTypeExtension exe
ObjectFileType Executable application

Compressed bundles
File identification
MD5 117da8ef79cb0d96c1c803709bd4827f
SHA1 e8d1972737c0c4f439350b0b297d9db4971f7240
SHA256 6739c782d114307deaac42120a7061f51f9e74a86f1e60664997a269784143f2
ssdeep 3072:2MpobNZ59u5b/+ce5drpyh1kfBFFw9PilpkCch4eSg:21NZ59uB/le5drc6fJYPilTs1
authentihash 77c46cfd6e52c328ff27d401aa5902d99838398c614b243241e6de5aafe771a6
imphash b6c65863c1795bee9de6674ac3cc19ce
File size 128.0 KB (131072 bytes)
File type Win32 EXE
Magic literal PE32 executable for MS Windows (console) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe

VirusTotal metadata
First submission 2017-04-11 11:34:04 UTC (1 year, 6 months ago)
Last submission 2017-08-18 23:55:53 UTC (1 year, 1 month ago)
File names verclsid.exe
potential_locky.exe
DRIDEX_1
localfile~
117da8ef79cb0d96c1c803709bd4827f
redchip2.exe-1491929177
redchip2.exe
redchip2 - Copy - Copy - Copy.exe-1491929177
redchip2 - Copy - Copy (2).exe-1491929177
redchip2 - Copy (2).exe-1491929177
redchip2.exe.964549679.DROPPED
DRIDEX
117da8ef79cb0d96c1c803709bd4827f.exe
A.exe
Behaviour characterization
Zemana
dll-injection
