SHA256: 2fba569d0875dea7724285d61f792e28a67a2707772beb33749e4be5931ec82c
File name: up.jpg
Detection ratio: 34 / 57
Analysis date: 2015-08-20 07:41:28 UTC (2 years, 2 months ago)
Antivirus Result Update
Ad-Aware Trojan.GenericKD.2641857 20150821
Yandex Trojan.DL.Delf!hcV0K/agv7o 20150820
AhnLab-V3 Malware/Win32.Generic 20150821
ALYac Trojan.GenericKD.2641857 20150821
Antiy-AVL Trojan/Win32.TSGeneric 20150821
Arcabit Trojan.Generic.D284FC1 20150821
Avast Win32:Trojan-gen 20150821
AVG Downloader.Banload2.AHPF 20150821
Avira (no cloud) TR/Dldr.Banload.45568.18 20150821
AVware Trojan-Downloader.Win32.Delf 20150821
Baidu-International Trojan.Win32.Banload.WGR 20150821
BitDefender Trojan.GenericKD.2641857 20150821
Cyren W32/Banload.BV.gen!Eldorado 20150821
Emsisoft Trojan.GenericKD.2641857 (B) 20150821
ESET-NOD32 a variant of Win32/TrojanDownloader.Banload.WGR 20150821
F-Prot W32/Banload.BV.gen!Eldorado 20150821
F-Secure Trojan.GenericKD.2641857 20150821
Fortinet W32/Delf.BCGM!tr.dldr 20150821
GData Trojan.GenericKD.2641857 20150821
Ikarus Trojan-Downloader.Win32.Banload 20150821
K7AntiVirus Trojan-Downloader ( 004ccf161 ) 20150821
K7GW Trojan-Downloader ( 004ccf161 ) 20150821
Kaspersky Trojan-Downloader.Win32.Delf.bcgm 20150821
McAfee RDN/Generic Downloader.x 20150821
McAfee-GW-Edition RDN/Generic Downloader.x 20150821
Microsoft TrojanDownloader:Win32/Banload.BCN 20150821
eScan Trojan.GenericKD.2641857 20150821
NANO-Antivirus Trojan.Win32.Delf.dvgaaf 20150821
Panda Trj/CI.A 20150821
Qihoo-360 HEUR/QVM25.0.Malware.Gen 20150821
Sophos AV Mal/Generic-S 20150821
Symantec Downloader 20150821
TrendMicro TROJ_GEN.R00GC0OHE15 20150821
VIPRE Trojan-Downloader.Win32.Delf 20150821
AegisLab 20150821
Alibaba 20150821
Bkav 20150821
ByteHero 20150821
CAT-QuickHeal 20150821
ClamAV 20150821
CMC 20150819
Comodo 20150821
DrWeb 20150821
Jiangmin 20150820
Kingsoft 20150821
Malwarebytes 20150821
nProtect 20150821
Rising 20150821
SUPERAntiSpyware 20150821
Tencent 20150821
TheHacker 20150820
TotalDefense 20150821
TrendMicro-HouseCall 20150821
VBA32 20150821
ViRobot 20150821
Zillya 20150820
Zoner 20150821
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1992-06-19 22:22:17
Entry Point 0x000092E8
Number of sections 7
PE sections
PE imports
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
GetLastError
GetStdHandle
EnterCriticalSection
lstrlenA
FreeLibrary
ExitProcess
GetThreadLocale
TlsAlloc
GetVersionExA
GetModuleFileNameA
RtlUnwind
WinExec
DeleteCriticalSection
GetStartupInfoA
LoadLibraryExA
GetLocaleInfoA
LocalAlloc
GetCPInfo
UnhandledExceptionFilter
GetCommandLineA
GetProcAddress
SetFilePointer
RaiseException
CloseHandle
WideCharToMultiByte
TlsFree
GetModuleHandleA
FindFirstFileA
GetCurrentProcessId
WriteFile
EnumCalendarInfoA
ReadFile
lstrcpynA
GetACP
GetDiskFreeSpaceA
GetCurrentThreadId
LocalFree
InitializeCriticalSection
VirtualQuery
VirtualFree
FindClose
TlsGetValue
Sleep
GetFileType
SetEndOfFile
TlsSetValue
CreateFileA
GetStringTypeExA
GetVersion
VirtualAlloc
GetFileSize
LeaveCriticalSection
SysFreeString
GetSystemMetrics
LoadStringA
CharNextA
MessageBoxA
GetKeyboardType
CharToOemA
PE exports
Number of PE resources by type
RT_STRING 6
RT_RCDATA 2
Number of PE resources by language
NEUTRAL 8
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension dll
TimeStamp 1992:06:19 23:22:17+01:00
FileType Win32 DLL
PEType PE32
CodeSize 33792
LinkerVersion 2.25
EntryPoint 0x92e8
InitializedDataSize 10752
SubsystemVersion 4.0
ImageVersion 0.0
OSVersion 4.0
UninitializedDataSize 0

File identification
MD5 692eedb2b519b86f9d5a1e4a85b7b606
SHA1 d2c7a917c2bb48b1a244d6f353728af453787655
SHA256 2fba569d0875dea7724285d61f792e28a67a2707772beb33749e4be5931ec82c
ssdeep 768:ByFqLbQ4xwElPyLdsvtP44ruK/9Wt3FUePLS0xb+Er+tgZ8JtK:4FqLbQ4mqv14kwt3FmgbCe2DK
authentihash 4453d88077afe7cd1d13709cefc9e7ba39217653ea2ab925635118aede885348
imphash c28892d0526f4c65e859547146569ba9
File size 44.5 KB ( 45568 bytes )
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit
TrID Win32 Executable Delphi generic (45.2%)
Win32 Dynamic Link Library (generic) (20.9%)
Win32 Executable (generic) (14.3%)
Win16/32 Executable Delphi generic (6.6%)
Generic Win/DOS Executable (6.3%)
Tags pedll
VirusTotal metadata
First submission 2015-08-13 07:41:01 UTC (2 years, 2 months ago)
Last submission 2015-08-13 07:41:01 UTC (2 years, 2 months ago)
File names up.jpg