× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 2a35aba61a35d2e8be5c329a7385d5c2887c32e328cec146732db3a6c7782a41
File name: iertutil.dll
Detection ratio: 0 / 57
Analysis date: 2016-06-28 14:35:53 UTC ( 9 months ago )
Trusted source! This file belongs to the Microsoft Corporation software catalogue.
Antivirus Result Update
ALYac 20160628
AVG 20160628
AVware 20160627
Ad-Aware 20160628
AegisLab 20160628
Yandex 20160626
AhnLab-V3 20160628
Alibaba 20160628
Antiy-AVL 20160628
Arcabit 20160628
Avast 20160628
Avira (no cloud) 20160628
Baidu 20160628
Baidu-International 20160614
BitDefender 20160628
Bkav 20160628
CAT-QuickHeal 20160628
CMC 20160627
ClamAV 20160628
Comodo 20160628
Cyren 20160628
DrWeb 20160628
ESET-NOD32 20160628
Emsisoft 20160628
F-Prot 20160628
F-Secure 20160628
Fortinet 20160628
GData 20160628
Ikarus 20160628
Jiangmin 20160628
K7AntiVirus 20160628
K7GW 20160628
Kaspersky 20160628
Kingsoft 20160628
Malwarebytes 20160628
McAfee 20160628
McAfee-GW-Edition 20160628
eScan 20160628
Microsoft 20160628
NANO-Antivirus 20160628
Panda 20160628
Qihoo-360 20160628
SUPERAntiSpyware 20160628
Sophos 20160628
Symantec 20160628
Tencent 20160628
TheHacker 20160628
TotalDefense 20160628
TrendMicro 20160628
TrendMicro-HouseCall 20160628
VBA32 20160627
VIPRE 20160628
ViRobot 20160628
Yandex 20160626
Zillya 20160627
Zoner 20160628
nProtect 20160628
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
© Microsoft Corporation. All rights reserved.

Product Windows® Internet Explorer
Original name IeRtUtil.dll
Internal name IeRtUtil.dll
File version 7.00.5730.11 (winmain(wmbla).061017-1135)
Description Run time utility for Internet Explorer
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2006-10-17 19:57:14
Entry Point 0x0000132D
Number of sections 4
PE sections
PE imports
RegCreateKeyExW
RegCloseKey
CopySid
RegQueryValueExA
GetAce
InitializeAcl
RegDeleteKeyW
GetAclInformation
RegQueryValueExW
GetSidSubAuthorityCount
GetSidSubAuthority
ConvertStringSecurityDescriptorToSecurityDescriptorW
OpenProcessToken
DeregisterEventSource
AddAccessAllowedAce
RegOpenKeyExW
CreateProcessAsUserW
RegisterEventSourceA
SetTokenInformation
RegOpenKeyExA
ConvertSidToStringSidW
GetTokenInformation
DuplicateTokenEx
GetKernelObjectSecurity
IsValidSid
RegQueryInfoKeyW
RegDeleteValueW
OpenThreadToken
GetSecurityDescriptorSacl
CreateRestrictedToken
GetLengthSid
ConvertStringSidToSidW
InitializeSid
SetSecurityInfo
RegEnumValueW
RegSetValueExW
FreeSid
GetSidLengthRequired
ReportEventW
AllocateAndInitializeSid
EqualSid
AddAce
GetDeviceCaps
OpenFileMappingW
GetSystemTime
GetLastError
GetVolumePathNameW
HeapFree
LocalReAlloc
GetDriveTypeW
ReleaseMutex
GetSystemInfo
lstrlenA
LoadLibraryW
WaitForSingleObject
GetVersionExW
FreeLibrary
QueryPerformanceCounter
InitializeCriticalSectionAndSpinCount
HeapAlloc
SystemTimeToFileTime
GetVersionExA
GetFileAttributesW
LoadLibraryA
lstrlenW
DeleteCriticalSection
GetCurrentProcess
EnterCriticalSection
CompareFileTime
GetThreadLocale
LocalAlloc
OpenProcess
UnhandledExceptionFilter
GetLogicalDrives
CreateDirectoryW
GetProcAddress
InterlockedCompareExchange
GetProcessHeap
CreateFileMappingW
GetModuleFileNameW
GetSystemDefaultLangID
RaiseException
MapViewOfFile
ExpandEnvironmentStringsW
lstrcmpA
LeaveCriticalSection
InterlockedExchange
SetUnhandledExceptionFilter
GetTempPathW
GetModuleHandleA
CreateMutexW
CloseHandle
GetSystemTimeAsFileTime
GlobalMemoryStatusEx
DuplicateHandle
HeapReAlloc
GetModuleHandleW
CompareStringW
LocalFree
OpenEventA
TerminateProcess
InitializeCriticalSection
UnmapViewOfFile
CreateFileW
GetDiskFreeSpaceExW
InterlockedDecrement
Sleep
SetFileAttributesW
GetTickCount
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
SetLastError
InterlockedIncrement
GetWindowThreadProcessId
ReleaseDC
GetSystemMetrics
GetUserObjectInformationW
PostQuitMessage
TranslateMessage
WaitForInputIdle
DispatchMessageW
GetMessageW
GetShellWindow
GetThreadDesktop
GetDC
_amsg_exit
strncat
malloc
memset
memmove
_unlock
_adjust_fdiv
_lock
wcschr
__dllonexit
_onexit
_wcslwr
memcpy
_wcsicmp
_strlwr
free
wcsrchr
_initterm
_vsnwprintf
towupper
_XcptFilter
RtlUnwind
PE exports
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
5.1

InitializedDataSize
31744

ImageVersion
6.0

ProductName
Windows Internet Explorer

FileVersionNumber
7.0.5730.11

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Unicode

LinkerVersion
8.0

FileTypeExtension
dll

OriginalFileName
IeRtUtil.dll

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
7.00.5730.11 (winmain(wmbla).061017-1135)

TimeStamp
2006:10:17 20:57:14+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
IeRtUtil.dll

ProductVersion
7.00.5730.11

FileDescription
Run time utility for Internet Explorer

OSVersion
6.0

FileOS
Windows NT 32-bit

LegalCopyright
Microsoft Corporation. All rights reserved.

MachineType
Intel 386 or later, and compatibles

CompanyName
Microsoft Corporation

CodeSize
234496

FileSubtype
0

ProductVersionNumber
7.0.5730.11

EntryPoint
0x132d

ObjectFileType
Dynamic link library

File identification
MD5 c9f48c6a6963bab7d1b5d025212d8f36
SHA1 f9a3ed8554454e80aa769a674b23cf0865721602
SHA256 2a35aba61a35d2e8be5c329a7385d5c2887c32e328cec146732db3a6c7782a41
ssdeep
6144:qwukB0nTQA2FIPlZznlUJZCKV+O2BiadbtMO:lansAjPlZQBV+V7j

authentihash 8ac3fd22797f8a60c4c82ed61c0749f2695a708aaf1decf501057be832411ffd
imphash 5d2697ab66b8912dd623b269dc272d20
File size 260.5 KB ( 266752 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (50.4%)
Win 9x/ME Control Panel applet (25.1%)
Win32 Dynamic Link Library (generic) (10.6%)
Win32 Executable (generic) (7.2%)
Generic Win/DOS Executable (3.2%)
Tags
pedll trusted

Trusted verdicts
This file belongs to the Microsoft Corporation software catalogue. The file is often found with iertutil.dll as its name. The file belongs to the Windows XP Embedded product, it can be found, for example, in SW CD Windows XP Embed w/SP2 EMB English #1 Internet Explorer 7.0 OEM.
VirusTotal metadata
First submission 2009-05-26 18:02:52 UTC ( 7 years, 10 months ago )
Last submission 2016-06-01 18:57:52 UTC ( 10 months ago )
File names file-2443211_dll
iertutil.dll
iertutil.dll
smona_2a35aba61a35d2e8be5c329a7385d5c2887c32e328cec146732db3a6c7782a41.bin
wiertutil.dll
iertutil.dll
c9f48c6a6963bab7d1b5d025212d8f36_iertutil.dll
iertutil(2).dll
DPTJDAQWHW-690.pms.dll.SVD
smona131320151703145030665
iertutil.dll
C9F48C6A6963BAB7D1B5D025212D8F36
iertutil (58).dll
IeRtUtil.dll
iertutil.dll
f9a3ed8554454e80aa769a674b23cf0865721602
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!