× الكوكيز معطل! هذا الموقع يتطلب تمكين الكوكيز للعمل بشكل صحيح
SHA256: 323027c74eacdb766de88bce24aa8a9fe661dd6e0dfa638cccb89b535bb8ba31
إسم الملف: TurboActivate.dll
نسبة الفحص: 39 / 65
تاريخ الفحص 2018-08-21 03:55:28 UTC ( 8 أشهر مضت ) مشاهدة الأخير
مكافح الفيروسات النتيجة التحديث
Ad-Aware Trojan.GenericKD.4472517 20180821
AegisLab Trojan.Multi.Generic.4!c 20180821
ALYac Trojan.GenericKD.4472517 20180821
Antiy-AVL Trojan/Win32.TSGeneric 20180821
Arcabit Trojan.Generic.D443EC5 20180821
Avast Win32:Malware-gen 20180821
AVG Win32:Malware-gen 20180821
AVware Trojan.Win32.Generic!BT 20180821
BitDefender Trojan.GenericKD.4472517 20180821
Bkav W32.HfsAutoB. 20180820
CAT-QuickHeal Trojan.IGENERIC 20180820
CrowdStrike Falcon (ML) malicious_confidence_80% (D) 20180723
Cylance Unsafe 20180821
Cyren W32/GenBl.88F61376!Olympus 20180821
Emsisoft Trojan.GenericKD.4472517 (B) 20180821
Endgame malicious (high confidence) 20180730
F-Prot W32/Heuristic-162!Eldorado 20180821
F-Secure Trojan.GenericKD.4472517 20180821
Fortinet PossibleThreat 20180821
GData Trojan.GenericKD.4472517 20180821
Sophos ML heuristic 20180717
K7AntiVirus Trojan ( 005257651 ) 20180820
K7GW Trojan ( 005257651 ) 20180820
MAX malware (ai score=99) 20180821
McAfee Generic.dx!88F61376407F 20180821
McAfee-GW-Edition Generic.dx!88F61376407F 20180821
eScan Trojan.GenericKD.4472517 20180821
NANO-Antivirus Trojan.Win32.Crypted.cjebya 20180821
Panda Trj/CI.A 20180820
SentinelOne (Static ML) static engine - malicious 20180701
Sophos AV Mal/Packer 20180821
Symantec Trojan.Gen 20180821
Tencent Win32.Trojan.Crypted.Eehq 20180821
TheHacker W32/Behav-Heuristic-063 20180821
TrendMicro TROJ_GEN.R011C0OGR18 20180821
TrendMicro-HouseCall TROJ_GEN.R011C0OGR18 20180821
VIPRE Trojan.Win32.Generic!BT 20180821
Webroot W32.Downloader.Gen 20180821
Yandex Packed/NSPack 20180820
AhnLab-V3 20180821
Avast-Mobile 20180820
Avira (no cloud) 20180821
Babable 20180725
Baidu 20180820
ClamAV 20180821
CMC 20180817
Comodo 20180821
Cybereason 20180308
DrWeb 20180821
eGambit 20180821
ESET-NOD32 20180821
Ikarus 20180820
Jiangmin 20180821
Kaspersky 20180821
Kingsoft 20180821
Malwarebytes 20180821
Microsoft 20180821
Palo Alto Networks (Known Signatures) 20180821
Qihoo-360 20180821
Rising 20180821
SUPERAntiSpyware 20180821
Symantec Mobile Insight 20180814
TACHYON 20180821
Trustlook 20180821
VBA32 20180820
ViRobot 20180820
ZoneAlarm by Check Point 20180821
Zoner 20180820
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2005-2012 wyDay

Product TurboActivate
Original name TurboActivate.dll
Internal name TurboActivate
File version 3.2.2.0
Description TurboActivate
Packers identified
Command NSPack, PE_Patch
F-PROT PE_Patch, NSPack
PEiD NsPacK V3.7 -> LiuXingPing
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-05-06 00:31:46
Entry Point 0x000B5800
Number of sections 3
PE sections
PE imports
InitializeSecurityDescriptor
GetAdaptersInfo
VirtualFree
ExitProcess
VirtualProtect
LoadLibraryA
VirtualAlloc
GetProcAddress
CoCreateInstance
SysFreeString
SHGetFolderPathW
PathAppendW
WinHttpCloseHandle
getsockname
PE exports
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 2
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
dll

TimeStamp
2012:05:06 01:31:46+01:00

FileType
Win32 DLL

PEType
PE32

CodeSize
0

LinkerVersion
10.0

ImageFileCharacteristics
Executable, 32-bit, DLL

EntryPoint
0xb5800

InitializedDataSize
262144

SubsystemVersion
5.1

ImageVersion
0.0

OSVersion
5.1

UninitializedDataSize
737280

Execution parents
Compressed bundles
File identification
MD5 88f61376407f0f5d97532b652bdd9f66
SHA1 028bb1cede2889cf8eb410837cfbea1a35a3db9a
SHA256 323027c74eacdb766de88bce24aa8a9fe661dd6e0dfa638cccb89b535bb8ba31
ssdeep
6144:MrY8fcVsY2IhvrbwrXlaP/oGctIfZjiQ5rVJ:nCc+3IJ08P/oGctIfZ2Qd

authentihash 2f34861fc87c1e588b1077b5b6f1069975058dc81aea3d4599d7a7c46032d4ea
imphash 677501ecd274d8c17edd8a4e8041b4eb
File size 254.8 ك.ب ( 260935 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
nspack pedll

VirusTotal metadata
First submission 2013-03-13 19:07:36 UTC ( 6 سنوات، 1 شهر مضت )
Last submission 2019-02-08 08:29:02 UTC ( 2 شهران، 1 أسبوع مضت )
أسماء الملفات TurboActivate.dll
TurboActivate.dll
TurboActivate
TurboActivate.dll
TurboActivate.dll
Activate.dll
69dd9d438129638d20cdd66b7e4148ec_TurboActivate.dll.safe
TurboActivate.dll
TurboActivate.dll
88f61376407f0f5d97532b652bdd9f66
TurboActivate.dll
(Virus)TurboActivate.dll
TurboActivate (1).dll
file-5255763_dll
turboactivate.dll
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

TrendMicro-HouseCall
TrendMicro's heuristic engine has flagged this file as: TROJ_GEN.R08OC0EG416.

لا توجد تعليقات. لا يوجد أحد من أعضاء مجتمع فايروس توتال قام بالتعليق على هذا الملف حتى الآن، كٌن اول شخص يفعل ذلك!

أترك تعليقك...

?
إضافة تعليق

لم تقم بتسجيل الدخول.فقط الأعضاء المسجلون لدينا يملكون صلاحية الرد, قم بتسجيل الدخول وشارك بصوتك !

لا توجد تصويتات. لا احد صوت على هذا الملف من قبل، كٌن اول شخص يفعل ذلك!