| SHA256: | bf1e59651563ae408d1f85096252e8f768373af40ac90b55b224fe48b2a1202f |
| Dateiname: | MocuMeCab.dll |
| Erkennungsrate: | 9 / 54 |
| Analyse-Datum: | 2016-07-29 09:49:17 UTC ( vor 1 Jahr, 2 Monate ) Zeige Neueste |
| Antivirus | Ergebnis | Aktualisierung |
|---|---|---|
| Ad-Aware | Gen:Variant.Razy.81371 | 20160729 |
| AegisLab | Gen.Variant.Razy!c | 20160729 |
| ALYac | Gen:Variant.Razy.81371 | 20160729 |
| Arcabit | Trojan.Razy.D13DDB | 20160729 |
| BitDefender | Gen:Variant.Razy.81371 | 20160729 |
| Emsisoft | Gen:Variant.Razy.81371 (B) | 20160729 |
| F-Secure | Gen:Variant.Razy.81371 | 20160729 |
| GData | Gen:Variant.Razy.81371 | 20160729 |
| eScan | Gen:Variant.Razy.81371 | 20160729 |
| AhnLab-V3 | 20160728 | |
| Alibaba | 20160729 | |
| Antiy-AVL | 20160729 | |
| Avast | 20160729 | |
| AVG | 20160729 | |
| Avira (no cloud) | 20160729 | |
| AVware | 20160729 | |
| Baidu | 20160729 | |
| Bkav | 20160727 | |
| CAT-QuickHeal | 20160729 | |
| ClamAV | 20160729 | |
| CMC | 20160728 | |
| Comodo | 20160729 | |
| Cyren | 20160729 | |
| DrWeb | 20160729 | |
| ESET-NOD32 | 20160729 | |
| F-Prot | 20160729 | |
| Fortinet | 20160729 | |
| Ikarus | 20160729 | |
| Jiangmin | 20160729 | |
| K7AntiVirus | 20160729 | |
| K7GW | 20160729 | |
| Kaspersky | 20160729 | |
| Kingsoft | 20160729 | |
| Malwarebytes | 20160729 | |
| McAfee | 20160729 | |
| McAfee-GW-Edition | 20160729 | |
| Microsoft | 20160729 | |
| NANO-Antivirus | 20160729 | |
| nProtect | 20160729 | |
| Panda | 20160728 | |
| Qihoo-360 | 20160729 | |
| Sophos AV | 20160729 | |
| SUPERAntiSpyware | 20160729 | |
| Symantec | 20160729 | |
| Tencent | 20160729 | |
| TheHacker | 20160729 | |
| TrendMicro | 20160729 | |
| TrendMicro-HouseCall | 20160729 | |
| VBA32 | 20160727 | |
| VIPRE | 20160729 | |
| ViRobot | 20160729 | |
| Yandex | 20160728 | |
| Zillya | 20160729 | |
| Zoner | 20160729 |
The file being studied is a Portable Executable file!
More specifically, it is a Win32 DLL
file
for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-09-22 09:20:12
Entry Point 0x00050FCA
Number of sections 5
PE sections
PE imports
PE exports
Number of PE resources by type
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
MIMEType
application/octet-stream
Subsystem
Windows GUI
MachineType
Intel 386 or later, and compatibles
FileTypeExtension
dll
TimeStamp
2015:09:22 10:20:12+01:00
FileType
Win32 DLL
PEType
PE32
CodeSize
448000
LinkerVersion
12.0
EntryPoint
0x50fca
InitializedDataSize
1320960
SubsystemVersion
6.0
ImageVersion
0.0
OSVersion
6.0
UninitializedDataSize
0
Compressed bundles
File identification
MD5 3e6bf1fcf585a2b6a922b16b8e224773
SHA1 7bfccd496ed9f005a6b830c2c6b2cda496c0a208
SHA256 bf1e59651563ae408d1f85096252e8f768373af40ac90b55b224fe48b2a1202f
ssdeep
12288:HPKN4a8RDGImehihqLpQka9jlgHxTol5tZad/adiCa2iF3WW:HPKQGHeEGCR9jlCTDwC5oW
File size
1.7 MB ( 1760768 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit
| TrID |
Win32 Executable MS Visual C++ (generic) (42.2%) Win64 Executable (generic) (37.3%) Win32 Dynamic Link Library (generic) (8.8%) Win32 Executable (generic) (6.0%) Generic Win/DOS Executable (2.7%) |
Tags
pedll
VirusTotal metadata
First submission
2016-04-28 22:39:16 UTC ( vor 1 Jahr, 5 Monate )
Last submission
2017-08-14 23:57:52 UTC ( vor 1 Monat, 3 Wochen )
| Dateinamen |
MOCUMECAB.DLL MocuMeCab.dll |
Advanced heuristic and reputation engines
TrendMicro-HouseCall
TrendMicro's heuristic engine has flagged this file as: TROJ_GEN.R047H09GO16.
F-Secure Deepguard
Suspicious:W32/Malware!Online
Keine Kommentare.
Bisher hat kein Mitglied der VirusTotal-Community einen Kommentar zu diesem Punkt verfasst, seien Sie der Erste!
Sie sind nicht angemeldet. Nur registrierte Nutzer können Kommentare hinterlassen, melden Sie sich an und sagen Sie etwas dazu!
Keine Bewertungen.
Niemand hat diesen Punkt bisher bewertet, seien Sie der Erste!