SHA256: d9482b09082b3d23630c1af073fc75e8a5e537e8622f4a2d9cb2f5689f38dcb1
File name: fa8ab26527b3aeae81f9954ab0002c7b
Detection ratio: 36 / 64
Analysis date: 2019-03-15 00:19:08 UTC (2 months, 1 week ago)
Antivirus  Result  Update
Acronis suspicious 20190313
Ad-Aware Gen:Variant.Ulise.30579 20190314
AhnLab-V3 Trojan/Win32.Kryptik.R258360 20190314
ALYac Trojan.Agent.Emotet 20190315
Avast Win32:BankerX-gen [Trj] 20190315
AVG Win32:BankerX-gen [Trj] 20190315
Avira (no cloud) TR/Crypt.Agent.binzx 20190314
BitDefender Gen:Variant.Ulise.30579 20190315
CrowdStrike Falcon (ML) win/malicious_confidence_100% (D) 20190212
Cybereason malicious.2163a8 20190109
DrWeb Trojan.Siggen8.14473 20190315
Emsisoft Gen:Variant.Ulise.30579 (B) 20190315
Endgame malicious (high confidence) 20190215
ESET-NOD32 a variant of Win32/Kryptik.EEPQ 20190315
F-Secure Trojan.TR/Crypt.Agent.binzx 20190315
Fortinet W32/Kryptik.CQLG!tr 20190315
GData Gen:Variant.Ulise.30579 20190314
Sophos ML heuristic 20190313
K7AntiVirus Trojan ( 005035ef1 ) 20190314
K7GW Trojan ( 005035ef1 ) 20190314
Kaspersky Trojan-Banker.Win32.Emotet.cmeu 20190315
MAX malware (ai score=84) 20190315
McAfee Emotet-FMI!FA8AB26527B3 20190314
Microsoft Trojan:Win32/Fuerboos.D!cl 20190314
eScan Gen:Variant.Ulise.30579 20190314
Palo Alto Networks (Known Signatures) generic.ml 20190315
Panda Trj/GdSda.A 20190314
Qihoo-360 HEUR/QVM20.1.D935.Malware.Gen 20190315
Rising Trojan.Kryptik!8.8 (RDM+:cmRtazrXmBOEGxC59x2YWVZw91j0) 20190314
SentinelOne (Static ML) DFI - Malicious PE 20190311
Sophos AV Mal/Emotet-Q 20190315
Trapmine malicious.high.ml.score 20190301
TrendMicro-HouseCall TrojanSpy.Win32.EMOTET.SMAL08 20190314
VBA32 BScope.Malware-Cryptor.Emotet 20190314
Zillya Trojan.Emotet.Win32.15419 20190314
ZoneAlarm by Check Point Trojan-Banker.Win32.Emotet.cmeu 20190314
AegisLab 20190314
Alibaba 20190306
Antiy-AVL 20190314
Arcabit 20190315
Avast-Mobile 20190314
Babable 20180918
Baidu 20190306
Bkav 20190314
CAT-QuickHeal 20190314
ClamAV 20190314
CMC 20190314
Comodo 20190314
Cyren 20190315
eGambit 20190315
Jiangmin 20190314
Kingsoft 20190315
Malwarebytes 20190315
McAfee-GW-Edition 20190314
NANO-Antivirus 20190314
SUPERAntiSpyware 20190314
Symantec Mobile Insight 20190220
TACHYON 20190314
Tencent 20190315
TheHacker 20190308
TotalDefense 20190314
Trustlook 20190315
ViRobot 20190314
Yandex 20190314
Zoner 20190315
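The 36 / 64 ratio is easy to read off, but the useful signal in a table like this is the family name. Vendors disagree on the type and platform prefixes (Trojan-Banker, TrojanSpy, Gen:Variant, Win32/Kryptik) while most of them agree on Emotet, and several rows carry the identical string Gen:Variant.Ulise.30579, which should count as one opinion rather than five. The script below is an added example, not part of the VirusTotal report: it tokenizes a constructed subset of the rows above, drops platform and type words, counts each distinct label once, and gives one vote per remaining token, in the spirit of AVClass-style label clustering. The GENERIC stop-word set and the five-character minimum token length are assumptions tuned to these labels, not a standard normalization.

```python
"""Vote a malware family out of a VirusTotal-style detection table.

Added example; SAMPLE_ROWS is a constructed subset of the table above
(engine<TAB>label, empty label = engine did not flag the file).
"""
import re
from collections import Counter

SAMPLE_ROWS = """\
Ad-Aware\tGen:Variant.Ulise.30579
BitDefender\tGen:Variant.Ulise.30579
ALYac\tTrojan.Agent.Emotet
Avast\tWin32:BankerX-gen [Trj]
ESET-NOD32\ta variant of Win32/Kryptik.EEPQ
Kaspersky\tTrojan-Banker.Win32.Emotet.cmeu
McAfee\tEmotet-FMI!FA8AB26527B3
Microsoft\tTrojan:Win32/Fuerboos.D!cl
Sophos AV\tMal/Emotet-Q
TrendMicro-HouseCall\tTrojanSpy.Win32.EMOTET.SMAL08
VBA32\tBScope.Malware-Cryptor.Emotet
Zillya\tTrojan.Emotet.Win32.15419
ClamAV\t
Malwarebytes\t
Symantec Mobile Insight\t
"""

# Platform, type and packer words that carry no family information
# (assumed stop-word list, extended as new vendors are added).
GENERIC = {
    "trojan", "trojanspy", "banker", "agent", "win32", "w32", "win", "gen",
    "generic", "variant", "malware", "malicious", "heur", "mal", "trj",
    "cryptor", "crypt", "bscope", "of", "a", "the", "cl",
}


def parse_rows(text):
    """Return [(engine, label)] with label == '' for undetected rows."""
    rows = []
    for line in text.splitlines():
        if not line.strip():
            continue
        engine, _, label = line.partition("\t")
        rows.append((engine.strip(), label.strip()))
    return rows


def family_tokens(label):
    """Candidate family tokens of one vendor label (lower-cased set)."""
    out = set()
    for tok in re.split(r"[^A-Za-z0-9]+", label):
        tok = tok.lower()
        # Short tokens are variant suffixes (cmeu, EEPQ, Q); tokens with
        # digits are hashes or signature ids (30579, FA8AB26527B3).
        if len(tok) < 5 or tok in GENERIC or any(c.isdigit() for c in tok):
            continue
        out.add(tok)
    return out


def detection_rate(rows):
    """(engines that flagged the file, engines total)."""
    flagged = sum(1 for _, label in rows if label)
    return flagged, len(rows)


def family_votes(rows):
    """One vote per distinct label per token; identical strings usually
    mean a shared licensed engine, so they are counted once."""
    votes = Counter()
    seen = set()
    for _, label in rows:
        if not label or label in seen:
            continue
        seen.add(label)
        for tok in family_tokens(label):
            votes[tok] += 1
    return votes


def consensus_family(rows, min_votes=2):
    """Most-voted token, or None when no token reaches min_votes."""
    votes = family_votes(rows)
    if not votes:
        return None
    tok, n = votes.most_common(1)[0]
    return tok if n >= min_votes else None


if __name__ == "__main__":
    rows = parse_rows(SAMPLE_ROWS)
    print(detection_rate(rows), family_votes(rows).most_common(5))
```

Against the constructed subset this yields a 12 / 15 detection count and a clear "emotet" consensus with seven votes, while ulise, bankerx, kryptik and fuerboos get one vote each; a practitioner would extend GENERIC whenever a new vendor prefix starts to outvote real family names.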
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright 2009-10 Adobe Systems Incorporated. All rights reserved.
Product Adobe ipdater AAM Launcher
Original name aamlauncher.exe
Internal name aamlauncher.exe
File version 1,0,0,67
Description Adobe ipdater AAM Launcher
Signature verification A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider. (This is the WinVerifyTrust result CERT_E_UNTRUSTEDROOT: an Authenticode signature is present and its chain parses, but the chain does not end in a root in the Windows trust store, so the Adobe company name in the version resource is not backed by a trusted signature.)
Signing date 1:19 AM 3/15/2019
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2019-03-10 13:30:11
Entry Point 0x00001170
Number of sections 4
PE sections
Overlays
MD5 78c3519ecdca40f2b09ff993a0e540a6
File type data
Offset 225792
Size 3336
Entropy 7.33
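The overlay figures above are consistent with each other: offset 225792 plus size 3336 equals the 229128-byte file size, so the overlay is the last 3336 bytes of the file, and an Authenticode signature is stored exactly there, as a WIN_CERTIFICATE blob appended after the last section and referenced by the security data directory (which holds a file offset, not an RVA). The script below is an added example, not code from VirusTotal, that computes the overlay from the section table, measures its entropy, and reports whether the security directory points into it; it uses only the standard library, and the minimal PE it builds for testing, plus the fake WIN_CERTIFICATE body, are constructed data rather than the sample on this page.

```python
"""Locate a PE file's overlay and check whether the Authenticode blob lives there.

Added example using only the standard library. build_test_pe() and
fake_win_certificate() produce constructed test data, not a real binary.
"""
import math
import struct

SECURITY_DIR_INDEX = 4  # IMAGE_DIRECTORY_ENTRY_SECURITY


def shannon_entropy(data):
    """Bits per byte: 0.0 for empty input, 8.0 for uniformly distributed bytes."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def parse_overlay(pe):
    """Return overlay offset/size/entropy and the security directory entry."""
    if pe[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature missing")
    coff = e_lfanew + 4
    _machine, nsections, _ts, _symp, _nsym, opt_size, _flags = \
        struct.unpack_from("<HHIIIHH", pe, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", pe, opt)[0]
    # Data directories begin at +96 (PE32, magic 0x10B) or +112 (PE32+).
    dd_base = opt + (96 if magic == 0x10B else 112)
    sec_off, sec_size = struct.unpack_from(
        "<II", pe, dd_base + SECURITY_DIR_INDEX * 8)
    # Overlay = everything past the highest raw end of any section header.
    sect = opt + opt_size
    end = sect + nsections * 40  # never earlier than the headers themselves
    for i in range(nsections):
        raw_size, raw_ptr = struct.unpack_from("<II", pe, sect + i * 40 + 16)
        end = max(end, raw_ptr + raw_size)
    overlay = pe[end:]
    return {
        "offset": end,
        "size": len(overlay),
        "entropy": round(shannon_entropy(overlay), 2),
        "security_dir": (sec_off, sec_size),
        # The security directory stores a file offset; a signature appended
        # after the last section is the common reason a signed file has an overlay.
        "signature_in_overlay": (sec_size > 0 and sec_off >= end
                                 and sec_off + sec_size <= len(pe)),
    }


def fake_win_certificate(body):
    """Constructed WIN_CERTIFICATE: dwLength, wRevision 0x0200, PKCS#7 type."""
    return struct.pack("<IHH", 8 + len(body), 0x0200, 0x0002) + body


def build_test_pe(overlay=b""):
    """Constructed one-section PE32 image with an optional appended overlay."""
    section_off, section_size = 0x400, 0x200
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)            # e_lfanew
    opt = bytearray(224)                             # PE32 optional header
    struct.pack_into("<H", opt, 0, 0x10B)
    if overlay:                                      # security dir -> overlay
        struct.pack_into("<II", opt, 96 + SECURITY_DIR_INDEX * 8,
                         section_off + section_size, len(overlay))
    coff = struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, len(opt), 0x0102)
    sect = bytearray(40)
    sect[:5] = b".text"
    struct.pack_into("<IIII", sect, 8, section_size, 0x1000,
                     section_size, section_off)
    img = bytearray(dos + b"PE\0\0" + coff + opt + sect)
    img += b"\0" * (section_off - len(img))
    img += b"\x90" * section_size
    img += overlay
    return bytes(img)


if __name__ == "__main__":
    blob = fake_win_certificate(bytes(range(256)))
    print(parse_overlay(build_test_pe(blob)))
```

On a real sample, read the file and call parse_overlay on its bytes; if "signature_in_overlay" is False but the overlay is non-empty, the appended data is something other than the signature (a dropped payload, a config blob, or padding added to evade hash-based detection) and deserves to be carved and examined on its own.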
PE imports
RegCreateKeyExW
RegCloseKey
CopySid
RegQueryValueExA
InitializeAcl
InitializeSecurityDescriptor
RegQueryValueExW
SetSecurityDescriptorDacl
RegOpenKeyA
AddAccessAllowedAce
RegOpenKeyExW
RegOpenKeyExA
GetTokenInformation
DuplicateTokenEx
GetUserNameW
IsValidSid
RegDeleteValueW
GetLengthSid
RegEnumKeyExA
RegQueryInfoKeyA
RegEnumValueW
RegSetValueExW
FreeSid
AllocateAndInitializeSid
CheckTokenMembership
CreateToolbarEx
STROBJ_bEnum
SetGraphicsMode
ColorMatchToTarget
GetWindowOrgEx
CreateHalftonePalette
CreatePen
CreateFontIndirectA
GdiFullscreenControl
EngGradientFill
EngCheckAbort
EngMarkBandingSurface
EngReleaseSemaphore
RemoveFontResourceExW
CreateBitmapIndirect
FONTOBJ_pvTrueTypeFontFile
GdiEntry15
PolyPatBlt
AbortPath
SetTextAlign
GetDCOrgEx
GetCharWidth32A
BRUSHOBJ_pvGetRbrush
SelectBrushLocal
CloseMetaFile
CreateColorSpaceW
SetBitmapDimensionEx
CombineTransform
GdiTransparentBlt
DeleteObject
GetVolumePathNameW
GetStdHandle
GetDriveTypeW
ReleaseMutex
GetOverlappedResult
WaitForSingleObject
GetDriveTypeA
EncodePointer
GenerateConsoleCtrlEvent
GetDateFormatA
GetFileAttributesW
GetCommandLineW
SystemTimeToTzSpecificLocalTime
DeleteCriticalSection
GetDiskFreeSpaceA
GetConsoleMode
GetVolumeInformationW
_llseek
FreeEnvironmentStringsW
ReadFileScatter
SetStdHandle
GetCommModemStatus
WideCharToMultiByte
GetFileAttributesA
InterlockedExchange
GetTempPathW
GetSystemTimeAsFileTime
GetCommandLineA
HeapReAlloc
GetStringTypeW
GetOEMCP
HeapLock
GetExitCodeProcess
CreateEventW
OutputDebugStringW
FindClose
TlsGetValue
FormatMessageA
SetLastError
GetSystemTime
InterlockedDecrement
FindNextVolumeA
GetModuleFileNameW
IsDebuggerPresent
HeapAlloc
RemoveDirectoryA
VerSetConditionMask
SetConsoleCtrlHandler
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
VerifyVersionInfoW
SetFilePointerEx
DeleteTimerQueue
GetModuleHandleA
GetSystemDirectoryW
SetUnhandledExceptionFilter
GetCurrentProcess
CreateMutexW
IsProcessorFeaturePresent
ClearCommError
GetSystemDirectoryA
DecodePointer
SetEnvironmentVariableA
TerminateProcess
SearchPathW
GetModuleHandleExW
SetEndOfFile
GetCurrentThreadId
LeaveCriticalSection
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
PeekNamedPipe
LoadLibraryW
EndUpdateResourceW
SetEvent
QueryPerformanceCounter
GetTickCount
TlsAlloc
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetACP
FreeLibrary
GetProcessIoCounters
GetFileSize
SetCommMask
GetStartupInfoW
CreateDirectoryW
GetProcAddress
GetNamedPipeHandleStateW
GetProcessHeap
CreateFileMappingW
CompareStringW
WriteFile
SetDefaultCommConfigA
FindFirstFileA
InterlockedIncrement
GetPrivateProfileSectionW
GetModuleFileNameA
GetTimeZoneInformation
SetCommState
CreateFileW
GetFileType
TlsSetValue
ExitProcess
OpenJobObjectA
GetLastError
SystemTimeToFileTime
LCMapStringW
VirtualAllocEx
GetSystemInfo
GetConsoleCP
GetConsoleAliasesLengthW
GetEnvironmentStringsW
lstrlenW
GetCPInfo
SetupComm
GetCurrentProcessId
GetCompressedFileSizeW
GetCurrentDirectoryA
HeapSize
SetThreadAffinityMask
InterlockedCompareExchange
ExpandEnvironmentStringsW
RaiseException
MapViewOfFile
TlsFree
SetFilePointer
CloseHandle
OpenMutexW
DeleteVolumeMountPointA
GetModuleHandleW
BindIoCompletionCallback
CreateProcessA
IsValidCodePage
UnmapViewOfFile
OpenEventW
SetConsoleDisplayMode
CreateProcessW
GetConsoleAliasExesLengthW
Sleep
GetProcessVersion
OpenSemaphoreW
VirtualAlloc
DragQueryFileW
SHPathPrepareForWriteA
SHBrowseForFolderW
SHGetDiskFreeSpaceA
ExtractAssociatedIconExA
Shell_NotifyIcon
ExtractIconW
SHGetFileInfoA
SHFormatDrive
SHInvokePrinterCommandW
ShellExecuteEx
ExtractIconEx
SHEmptyRecycleBinA
ShellAboutW
SHGetPathFromIDListA
SHGetMalloc
SHGetIconOverlayIndexW
DragQueryFile
SHIsFileAvailableOffline
SHFreeNameMappings
SHCreateProcessAsUserW
SHGetSpecialFolderPathW
FindExecutableA
SHGetSettings
ExtractIconExW
SHAppBarMessage
SHGetPathFromIDList
CommandLineToArgvW
StrChrW
PathIsRelativeW
StrRChrW
StrCmpNW
StrCmpNIW
PathIsUNCW
StrCmpNIA
StrChrA
PathStripToRootW
PathIsRootW
CharPrevA
GetMessagePos
SetClassLongW
SetUserObjectSecurity
GetClassInfoExA
ClipCursor
SetMenuContextHelpId
DrawStateW
HiliteMenuItem
IsWindow
GrayStringA
OemToCharBuffW
AdjustWindowRectEx
PostMessageW
GetMenuBarInfo
CreateMDIWindowW
DefFrameProcA
GetThreadDesktop
wsprintfA
DrawFrame
GetTopWindow
CloseDesktop
MsgWaitForMultipleObjects
DialogBoxIndirectParamA
GetMenuStringW
CoUninitialize
CoInitializeEx
CoCreateInstance
CoTaskMemFree
CoInitialize
Number of PE resources by type
RT_RCDATA 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 2
PE resources
ExifTool file metadata
UninitializedDataSize  0
InitializedDataSize  68096
ImageVersion  0.0
ProductName  Adobe ipdater AAM Launcher
FileVersionNumber  1.0.0.67
LanguageCode  Unknown (4009)
FileFlagsMask  0x0017
BuildDate  Mon Feb 15 2010 02:31:20
ImageFileCharacteristics  No relocs, Executable, 32-bit
CharacterSet  Unicode
LinkerVersion  9.0
FileTypeExtension  exe
OriginalFileName  aamlauncher.exe
MIMEType  application/octet-stream
Subsystem  Windows GUI
FileVersion  1,0,0,67
TimeStamp  2019:03:10 14:30:11+01:00
FileType  Win32 EXE
PEType  PE32
InternalName  aamlauncher.exe
SubsystemVersion  5.0
ProductVersion  1.0.0.67 (BuildVersion: 1.0; BuildDate: BUILDDATETIME)
FileDescription  Adobe ipdater AAM Launcher
OSVersion  5.0
FileOS  Win32
LegalCopyright  Copyright 2009-10 Adobe Systems Incorporated. All rights reserved.
MachineType  Intel 386 or later, and compatibles
CompanyName  Adobe Systems Incorporated
BuildVersion  1.0.0.67
CodeSize  156672
FileSubtype  0
ProductVersionNumber  1.0.0.67
EntryPoint  0x1170
ObjectFileType  Dynamic link library
File identification
MD5 fa8ab26527b3aeae81f9954ab0002c7b
SHA1 06efe622163a81340854cda7caa9d64e921d17a1
SHA256 d9482b09082b3d23630c1af073fc75e8a5e537e8622f4a2d9cb2f5689f38dcb1
ssdeep 3072:g0KCxwcgoq2lLlUiyeg/Mbyqggcqacel0pETATDf3D5JXysx/AhxulAn+L:g0KTEvDUi91ggOTMLdJiiAfulQu
authentihash 015d13a6840bd1d0a5b7a1f1d31f05dd5fe583c879ba7e180f1e93d354e992f2
imphash bd03c739fab9a8f85a73ee880aec1e1c
File size 223.8 KB ( 229128 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (64.5%)
Win32 Dynamic Link Library (generic) (13.6%)
Win32 Executable (generic) (9.3%)
OS/2 Executable (generic) (4.1%)
Generic Win/DOS Executable (4.1%)
Tags peexe overlay
VirusTotal metadata
First submission 2019-03-15 00:19:08 UTC (2 months, 1 week ago)
Last submission 2019-03-15 00:19:08 UTC (2 months, 1 week ago)
File name aamlauncher.exe
Condensed report. The following is a condensed report of the file's behaviour when executed in a controlled environment. The actions and events listed were performed either by the file itself or by any process it launched or injected code into.
Opened files
Moved files
Deleted files
Created processes
Created mutexes
Opened mutexes
Opened service managers
Opened services
Runtime DLLs
HTTP requests
TCP connections