SHA256: 00ce05a515ac0c081636712979b6c04b02b3089cc3e3a2af2554a6ff62330f85
File name: p2pcollab.dll
Detection ratio: 2 / 57
Analysis date: 2015-01-27 21:19:57 UTC ( 3 years, 10 months ago )
Antivirus Result Update
Malwarebytes Trojan.FakeMS.ED 20150127
Sophos AV Mal/Vawtrak-I 20150127
Ad-Aware 20150127
AegisLab 20150127
Yandex 20150127
AhnLab-V3 20150127
Alibaba 20150127
ALYac 20150127
Antiy-AVL 20150127
Avast 20150127
AVG 20150127
Avira (no cloud) 20150127
AVware 20150127
Baidu-International 20150127
BitDefender 20150127
Bkav 20150127
ByteHero 20150127
CAT-QuickHeal 20150127
ClamAV 20150127
CMC 20150127
Comodo 20150127
Cyren 20150127
DrWeb 20150127
Emsisoft 20150127
ESET-NOD32 20150127
F-Prot 20150127
F-Secure 20150127
Fortinet 20150127
GData 20150127
Ikarus 20150127
Jiangmin 20150127
K7AntiVirus 20150127
K7GW 20150127
Kaspersky 20150127
Kingsoft 20150127
McAfee 20150127
McAfee-GW-Edition 20150127
Microsoft 20150127
eScan 20150127
NANO-Antivirus 20150127
Norman 20150127
nProtect 20150127
Panda 20150127
Qihoo-360 20150127
Rising 20150127
SUPERAntiSpyware 20150127
Symantec 20150127
Tencent 20150127
TheHacker 20150126
TotalDefense 20150127
TrendMicro 20150127
TrendMicro-HouseCall 20150127
VBA32 20150127
VIPRE 20150127
ViRobot 20150127
Zillya 20150127
Zoner 20150127
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem that targets 64bit architectures.
FileVersionInfo properties
Copyright © Microsoft Corporation. All rights reserved.
Product Internet Information Services
Original name w3isapi.dll
Internal name w3isapi.dll
File version 6.0.3790.1830 (srv03_sp1_rtm.050324-1447)
Description IIS ISAPI Handler
PE header basic information
Target machine x64
Compilation timestamp 2004-06-28 15:16:51
Entry Point 0x000018BD
Number of sections 6
PE sections
Overlays
MD5 b3330a9d2b6c2373b8d7db8d0cf6cf0c
File type data
Offset 72704
Size 107848
Entropy 8.00
PE imports
RegCreateKeyExW
RegCloseKey
CopySid
AdjustTokenPrivileges
InitializeAcl
LookupPrivilegeValueW
RegDeleteKeyW
InitializeSecurityDescriptor
RegQueryValueExW
SetSecurityDescriptorDacl
GetFileSecurityW
DuplicateToken
AddAccessAllowedAce
RegOpenKeyExW
SetFileSecurityW
RegOpenKeyW
GetTokenInformation
CloseEventLog
RegQueryInfoKeyW
RegEnumKeyExW
GetLengthSid
RegDeleteValueW
RevertToSelf
RegSetValueExW
SetSecurityDescriptorControl
OpenSCManagerW
ReportEventW
AllocateAndInitializeSid
CheckTokenMembership
ImpersonateLoggedOnUser
GetFileAttributesA
GetFileAttributesW
lstrcmpW
GetLocalTime
DeleteCriticalSection
GetCurrentProcess
LocalAlloc
lstrcatA
GetVolumeInformationW
SetErrorMode
SetFileAttributesA
GetFileTime
FindResourceExA
WideCharToMultiByte
lstrcmpiA
WriteFile
GetSystemTimeAsFileTime
GetDiskFreeSpaceA
GetFullPathNameA
GetOEMCP
LocalFree
ResumeThread
InitializeCriticalSection
LoadResource
GlobalHandle
FindClose
TlsGetValue
GetProfileIntA
SetFileAttributesW
GetStringTypeExA
OutputDebugStringA
GetCurrentThread
SetLastError
GetUserDefaultUILanguage
GetSystemTime
CopyFileW
lstrcpynW
RemoveDirectoryW
GlobalFindAtomA
FlushFileBuffers
GetModuleFileNameA
lstrcmpiW
GetVolumeInformationA
GetPrivateProfileStringA
SetThreadPriority
WritePrivateProfileSectionW
RtlVirtualUnwind
UnhandledExceptionFilter
MultiByteToWideChar
CreateMutexA
SetFilePointer
CreateSemaphoreA
GetSystemDefaultUILanguage
GlobalAddAtomA
SetUnhandledExceptionFilter
MulDiv
GetSystemDirectoryA
TerminateProcess
VirtualQuery
SetEndOfFile
GetCurrentThreadId
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
LoadLibraryW
SetEvent
QueryPerformanceCounter
GetTickCount
DisableThreadLibraryCalls
VirtualProtect
GetVersionExA
LoadLibraryA
FreeLibrary
GlobalSize
UnlockFile
GetFileSize
GetPrivateProfileIntA
DeleteFileA
DeleteFileW
GetUserDefaultLCID
GetProcessHeap
GetTempFileNameW
CompareStringW
GlobalReAlloc
ExpandEnvironmentStringsW
FindNextFileW
lstrcpyA
GetTempFileNameA
FindFirstFileW
DuplicateHandle
GetProcAddress
GetPrivateProfileSectionW
CreateFileW
CreateEventA
CopyFileA
TlsSetValue
CreateFileA
LocalUnlock
LeaveCriticalSection
GetLastError
SystemTimeToFileTime
GlobalDeleteAtom
GetSystemInfo
GlobalFree
GlobalGetAtomNameA
GetThreadLocale
GlobalUnlock
IsDBCSLeadByte
GlobalAlloc
lstrlenW
GetShortPathNameA
FileTimeToLocalFileTime
SizeofResource
CompareFileTime
GetCurrentProcessId
LockResource
GetCPInfo
WritePrivateProfileStringW
SuspendThread
TlsFree
GetModuleHandleA
ReadFile
GlobalFlags
PulseEvent
RtlCaptureContext
CloseHandle
lstrcpynA
GlobalLock
GetVersion
GetFileAttributesExW
RtlLookupFunctionEntry
Sleep
GetProcessVersion
FindResourceA
VirtualAlloc
SysFreeString
SafeArrayPutElement
VariantClear
SysAllocString
SHGetFolderPathW
StrCmpW
StrCmpNIW
PathFindFileNameW
PathAppendW
PathCombineW
SHGetValueW
GetUserNameExW
BeginPaint
GetMenuState
AppendMenuA
EndPaint
ScrollWindowEx
SetDlgItemTextA
MoveWindow
GetDlgItemTextA
GrayStringA
GetSystemMenu
DestroyCursor
wvsprintfA
GetDlgItemInt
CheckDlgButton
GetAsyncKeyState
CheckMenuItem
SetParent
LoadStringW
SetCursorPos
EnableMenuItem
TabbedTextOutA
DrawFocusRect
IsDlgButtonChecked
SetDlgItemInt
LockWindowUpdate
GetClassNameA
ModifyMenuA
RsopResetPolicySettingStatus
malloc
realloc
fread
abort
strtoul
fgets
strtol
clearerr
mktime
fseek
wcslen
fputs
ftell
sprintf
wcsrchr
localtime
wcsncpy
free
wcsncmp
calloc
wcscpy
swprintf
time
wcsstr
vsprintf
CoUninitialize
CoTaskMemAlloc
PE exports
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
SubsystemVersion 5.2
LinkerVersion 8.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 6.0.3790.1830
UninitializedDataSize 0
LanguageCode Neutral
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 145408
EntryPoint 0x18bd
OriginalFileName w3isapi.dll
MIMEType application/octet-stream
LegalCopyright Microsoft Corporation. All rights reserved.
FileVersion 6.0.3790.1830 (srv03_sp1_rtm.050324-1447)
TimeStamp 2004:06:28 16:16:51+01:00
FileType Win64 DLL
PEType PE32+
InternalName w3isapi.dll
ProductVersion 6.0.3790.1830
FileDescription IIS ISAPI Handler
OSVersion 4.0
FileOS Windows NT 32-bit
Subsystem Windows GUI
MachineType AMD AMD64
CompanyName Microsoft Corporation
CodeSize 30720
ProductName Internet Information Services
ProductVersionNumber 6.0.3790.1830
FileTypeExtension dll
ObjectFileType Dynamic link library

File identification
MD5 d682afda2fe587953a0fee2c947b7a6c
SHA1 5708869aaa4f47ae4435ea812f6d35e4e8dcec7c
SHA256 00ce05a515ac0c081636712979b6c04b02b3089cc3e3a2af2554a6ff62330f85
ssdeep 3072:FFxO/Uko7YO78lyuUEa47BU6F0fKImsILpaobFgc4XhOKZu:FFIM6lyv47BrF0fTINakFgnxHu
authentihash 1c2579e67930620bc4c74af7b71985582c4b21649da90abadb4cac1c0cf19f95
imphash c81afd4a51ea016ffc75f694a58ae793
File size 176.3 KB ( 180552 bytes )
File type Win32 DLL
Magic literal PE32+ executable for MS Windows (DLL) (GUI) Mono/.Net assembly
TrID Generic Win/DOS Executable (50.0%)
DOS Executable Generic (49.9%)
Tags 64bits via-tor assembly pedll overlay

VirusTotal metadata
First submission 2015-01-27 21:19:57 UTC ( 3 years, 10 months ago )
Last submission 2015-04-29 12:52:47 UTC ( 3 years, 7 months ago )
File names w3isapi.dll
hid.dl
p2pcollab.dll
crypt32.dll
w3isapi
imgutil.dll
d682afda2fe587953a0fee2c947b7a6c
apphelp.dll
softpub.dll