× Cookies被禁用! 本网站需要启用Cookie才能正常工作
SHA256: 3e5a112f27896e6bf4a320d9626faf91f1a0a9ebbf744918733565fb63638992
文件名: 3e5a112f27896e6bf4a320d9626faf91f1a0a9ebbf744918733565fb63638992
检出率: 44 / 68
分析日期: 2018-09-15 11:40:19 UTC ( 8 月, 1 周 前 ) 查看最新
反病毒软件 结果 病毒库日期
Ad-Aware Trojan.GenericKD.40428300 20180913
AhnLab-V3 Trojan/Win32.Emotet.R235716 20180915
ALYac Trojan.Agent.Emotet 20180915
Antiy-AVL Trojan/Win32.Emotet 20180915
Arcabit Trojan.Generic.D268E30C 20180915
Avast Win32:BankerX-gen [Trj] 20180915
AVG Win32:BankerX-gen [Trj] 20180915
AVware Trojan.Win32.Generic!BT 20180915
BitDefender Trojan.GenericKD.40428300 20180915
CAT-QuickHeal Trojan.Emotet.X4 20180915
CrowdStrike Falcon (ML) malicious_confidence_90% (D) 20180723
Cylance Unsafe 20180915
Cyren W32/Kryptik.FN.gen!Eldorado 20180915
Emsisoft Trojan.Emotet (A) 20180915
Endgame malicious (high confidence) 20180730
ESET-NOD32 a variant of Win32/Kryptik.GKFU 20180915
F-Prot W32/Kryptik.FN.gen!Eldorado 20180915
F-Secure Trojan.GenericKD.40428300 20180915
Fortinet W32/Kryptik.GKGU!tr 20180915
GData Win32.Trojan-Spy.Emotet.TA 20180915
Ikarus Trojan.Win32.Krypt 20180915
K7AntiVirus Trojan ( 0053b3d11 ) 20180915
K7GW Trojan ( 0053b3d11 ) 20180915
Kaspersky Trojan-Banker.Win32.Emotet.bbpw 20180915
Malwarebytes Trojan.Emotet 20180915
McAfee RDN/Generic.grp 20180915
McAfee-GW-Edition BehavesLike.Win32.Emotet.gt 20180915
Microsoft Trojan:Win32/Emotet.AC!bit 20180915
eScan Trojan.GenericKD.40428300 20180915
Palo Alto Networks (Known Signatures) generic.ml 20180915
Panda Trj/GdSda.A 20180915
Qihoo-360 HEUR/QVM20.1.704D.Malware.Gen 20180915
Rising Trojan.Fuerboos!8.EFC8 (TFE:2:hb1KzDlIAXU) 20180915
Sophos AV Mal/EncPk-ANX 20180915
Symantec Trojan.Emotet 20180914
Tencent Win32.Trojan-banker.Emotet.Plkv 20180915
TrendMicro TSPY_EMOTET.THHBHAH 20180915
TrendMicro-HouseCall TSPY_EMOTET.THHBHAH 20180915
VBA32 TrojanBanker.Emotet 20180914
VIPRE Trojan.Win32.Generic!BT 20180915
ViRobot Trojan.Win32.Z.Agent.460800.DM 20180915
Webroot W32.Trojan.Emotet 20180915
Zillya Trojan.GenericKD.Win32.173461 20180914
ZoneAlarm by Check Point Trojan-Banker.Win32.Emotet.bbpw 20180915
AegisLab 20180915
Alibaba 20180713
Avast-Mobile 20180915
Avira (no cloud) 20180915
Babable 20180907
Baidu 20180914
Bkav 20180915
ClamAV 20180915
CMC 20180915
Comodo 20180915
Cybereason 20180225
DrWeb 20180915
eGambit 20180915
Sophos ML 20180717
Jiangmin 20180915
Kingsoft 20180915
MAX 20180915
NANO-Antivirus 20180915
SentinelOne (Static ML) 20180830
SUPERAntiSpyware 20180907
Symantec Mobile Insight 20180911
TACHYON 20180915
TheHacker 20180914
TotalDefense 20180915
Trustlook 20180915
Yandex 20180915
Zoner 20180914
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
© Microsoft Corporation. All rights reserved.

Product Microsoft® Windows® Operating System
Original name kbd106n.dll
Internal name kbd106n
File version 6.1.7600.16385 (win7_rtm.090713-1255)
Description JP Japanese Keyboard Layout for 106
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-08-26 09:20:41
Entry Point 0x0001FD6E
Number of sections 4
PE sections
PE imports
CryptSetProvParam
LockServiceDatabase
CertCreateCertificateChainEngine
CryptSIPRemoveProvider
GetTextFaceA
CreateIpForwardEntry
SetFileAttributesA
SuspendThread
OpenFile
GetModuleHandleA
GetTimeZoneInformation
ReOpenFile
ZombifyActCtx
DeleteTimerQueueTimer
IsBadWritePtr
FreeEnvironmentStringsW
GlobalMemoryStatusEx
lstrcatW
acmStreamPrepareHeader
GetActiveObject
VarBoolFromStr
glEvalMesh2
glGetString
RpcNetworkIsProtseqValidA
RpcStringFreeA
SetupDiGetDeviceRegistryPropertyA
SetupDefaultQueueCallbackW
ShellExecuteW
GetWindowThreadProcessId
GetDesktopWindow
GetInputState
SendMessageA
SubtractRect
CreateWindowExW
LookupIconIdFromDirectoryEx
UnloadKeyboardLayout
DlgDirListComboBoxA
RealGetWindowClassA
InternetSetOptionA
waveOutSetPitch
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
12.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
6.1.7600.16385

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
JP Japanese Keyboard Layout for 106

ImageFileCharacteristics
No relocs, Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
330752

EntryPoint
0x1fd6e

OriginalFileName
kbd106n.dll

MIMEType
application/octet-stream

LegalCopyright
Microsoft Corporation. All rights reserved.

FileVersion
6.1.7600.16385 (win7_rtm.090713-1255)

TimeStamp
2018:08:26 02:20:41-07:00

FileType
Win32 EXE

PEType
PE32

InternalName
kbd106n

ProductVersion
6.1.7600.16385

SubsystemVersion
5.0

OSVersion
5.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Microsoft Corporation

CodeSize
134144

ProductName
Microsoft Windows Operating System

ProductVersionNumber
6.1.7600.16385

FileTypeExtension
exe

ObjectFileType
Dynamic link library

File identification
MD5 bfed81f76ebc4f21d32498b2ae68d9fc
SHA1 89ce16654d4f52ee09ad828079a10213cc9f2932
SHA256 3e5a112f27896e6bf4a320d9626faf91f1a0a9ebbf744918733565fb63638992
ssdeep
6144:A1b+12EcqiDMjB6QcTp78gV01n6xuPOXq+I:A1b+rxjB6RTpogVQ+AOXq

authentihash 0c89ba717a08ab05f3210d7c3cecbb7b25d36166aa925978b41f588532f4f3ed
imphash 7a9cd2350d923ffef76e1b2e290354e4
File size 450.0 KB ( 460800 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe

VirusTotal metadata
First submission 2018-08-26 09:31:31 UTC ( 9 月 前 )
Last submission 2018-08-26 09:31:31 UTC ( 9 月 前 )
文件名 kbd106n
kbd106n.dll
Advanced heuristic and reputation engines
没有评论. 没有VirusTotal社区成员评论该项目,抢沙发!

发表评论

?
发表评论

您没有登录。只有注册用户可以发表评论,请登录后发表评论!

没有投票. 目前没有用户投票。