× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 039bc76b323a65324eae25cbf8e4a64565fe69945ea9c43663299ae84dd58238
File name: B109E54500A39DA1904D061E9402C500E4B2B3AE.cpl
Detection ratio: 0 / 43
Analysis date: 2011-12-01 17:46:05 UTC ( 7 years, 4 months ago )
Antivirus Result Update
AhnLab-V3 20111201
AntiVir 20111201
Antiy-AVL 20111201
Avast 20111201
AVG 20111201
BitDefender 20111201
ByteHero 20111129
CAT-QuickHeal 20111201
ClamAV 20111201
Commtouch 20111201
Comodo 20111201
DrWeb 20111201
Emsisoft 20111201
eSafe 20111130
eTrust-Vet 20111201
F-Prot 20111129
F-Secure 20111201
Fortinet 20111201
GData 20111201
Ikarus 20111201
Jiangmin 20111130
K7AntiVirus 20111130
Kaspersky 20111201
McAfee 20111201
McAfee-GW-Edition 20111201
Microsoft 20111201
NOD32 20111201
Norman 20111201
nProtect 20111201
Panda 20111201
PCTools 20111201
Prevx 20111201
Rising 20111201
Sophos AV 20111201
SUPERAntiSpyware 20111201
Symantec 20111201
TheHacker 20111130
TrendMicro 20111201
TrendMicro-HouseCall 20111201
VBA32 20111201
VIPRE 20111201
ViRobot 20111201
VirusBuster 20111201
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
(c) Microsoft Corporation. All rights reserved.

Publisher Microsoft Corporation
Product Microsoft_ Windows_ Operating System
Original name irprops.cpl
Internal name Infrared Properties
File version 6.1.7600.16385 (win7_rtm.090713-1255)
Description Infrared Control Panel Applet
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2009-07-14 01:06:58
Entry Point 0x00004EDB
Number of sections 4
PE sections
PE imports
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
DeactivateActCtx
lstrlenW
GetFileAttributesW
lstrcmpiW
GetLastError
CreateMutexW
CloseHandle
FormatMessageW
DisableThreadLibraryCalls
MultiByteToWideChar
GetProcessHeap
HeapFree
FreeLibrary
GetProcAddress
LoadLibraryW
SetLastError
DelayLoadFailureHook
InterlockedCompareExchange
LoadLibraryExA
InterlockedExchange
Sleep
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleHandleW
CreateActCtxW
ReleaseActCtx
ActivateActCtx
GetModuleFileNameW
1 more function(s) imported by ordinal)
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc
SHGetSpecialFolderPathW
6 more function(s) imported by ordinal)
DialogBoxParamW
SetProcessDPIAware
SetWindowTextW
GetDlgItem
SendMessageW
MessageBoxW
LoadStringW
ShowWindow
RegisterWindowMessageW
SetForegroundWindow
EnumWindows
SetWindowLongW
GetWindowLongW
GetParent
EndDialog
4 more function(s) imported by ordinal)
_amsg_exit
_except_handler4_common
_XcptFilter
_initterm
free
malloc
memset
WinSqmAddToStream
CoInitialize
CoCreateInstance
CoUninitialize
PE exports
ExifTool file metadata
SubsystemVersion
6.1

LinkerVersion
9.0

ImageVersion
6.1

FileSubtype
0

FileVersionNumber
6.1.7600.16385

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
406528

FileOS
Windows NT 32-bit

MIMEType
application/octet-stream

LegalCopyright
Microsoft Corporation. All rights reserved.

FileVersion
6.1.7600.16385 (win7_rtm.090713-1255)

TimeStamp
2009:07:14 03:06:58+02:00

FileType
Win32 DLL

PEType
PE32

InternalName
Infrared Properties

ProductVersion
6.1.7600.16385

FileDescription
Infrared Control Panel Applet

OSVersion
6.1

OriginalFilename
irprops.cpl

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Microsoft Corporation

CodeSize
22528

ProductName
Microsoft Windows Operating System

ProductVersionNumber
6.1.7600.16385

EntryPoint
0x4edb

ObjectFileType
Dynamic link library

File identification
MD5 6362be990ceb7a4c2569236ab4d4be7a
SHA1 7a5a896c8c4dd0eff84f168a4adfa6fdb803dd40
SHA256 039bc76b323a65324eae25cbf8e4a64565fe69945ea9c43663299ae84dd58238
ssdeep
6144:oRVM+mtZ+kB2rX8osKd13DKaofa8KbHA+E:ynmv+kSZTWaolI7E

File size 420.0 KB ( 430080 bytes )
File type Win32 DLL
Magic literal

TrID Win32 Executable MS Visual C++ (generic) (51.4%)
Win 9x/ME Control Panel applet (21.1%)
Win32 Executable Generic (11.6%)
Win32 Dynamic Link Library (generic) (10.3%)
Generic Win/DOS Executable (2.7%)
VirusTotal metadata
First submission 2011-12-01 17:46:05 UTC ( 7 years, 4 months ago )
Last submission 2011-12-01 17:46:05 UTC ( 7 years, 4 months ago )
File names B109E54500A39DA1904D061E9402C500E4B2B3AE.cpl
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!