SHA256: 08adf01bc6f507d781dac199abb635b766f87ca281398f9c4b2fd1317178ac82
File name: f05fa10b6502a04357bd1db4fc59cd1e
Detection ratio: 21 / 66
Analysis date: 2018-07-09 11:03:00 UTC ( 5 months ago )
Antivirus Result Update
Antiy-AVL Trojan[Banker]/Win32.Shiotob 20180709
Avast Win32:Malware-gen 20180709
AVG Win32:Malware-gen 20180709
AVware Trojan.Win32.Generic!BT 20180709
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9995 20180709
CAT-QuickHeal Trojan.Drixed.100454 20180709
CrowdStrike Falcon (ML) malicious_confidence_60% (D) 20180530
Cylance Unsafe 20180709
Endgame malicious (high confidence) 20180612
ESET-NOD32 Win32/Dridex.CE 20180709
Sophos ML heuristic 20180601
K7AntiVirus Trojan ( 00535a401 ) 20180709
K7GW Trojan ( 00535a401 ) 20180709
Kaspersky HEUR:Trojan.Win32.Generic 20180709
Microsoft Trojan:Win32/Fuerboos.A!cl 20180709
Qihoo-360 HEUR/QVM40.1.62FD.Malware.Gen 20180709
Rising Malware.Heuristic!ET#96% (RDM+:cmRtazrHMzjUhbXEtojxm/f/vug8) 20180709
Symantec ML.Attribute.HighConfidence 20180709
VIPRE Trojan.Win32.Generic!BT 20180709
Yandex Trojan.PWS.Shiotob! 20180706
ZoneAlarm by Check Point HEUR:Trojan.Win32.Generic 20180709
Ad-Aware 20180709
AegisLab 20180709
AhnLab-V3 20180709
ALYac 20180709
Arcabit 20180709
Avast-Mobile 20180709
Avira (no cloud) 20180709
Babable 20180406
BitDefender 20180709
Bkav 20180706
ClamAV 20180709
CMC 20180709
Comodo 20180709
Cybereason 20180225
Cyren 20180709
DrWeb 20180709
eGambit 20180709
Emsisoft 20180709
F-Prot 20180709
F-Secure 20180709
Fortinet 20180709
GData 20180709
Ikarus 20180709
Jiangmin 20180709
Kingsoft 20180709
Malwarebytes 20180709
MAX 20180709
McAfee 20180709
McAfee-GW-Edition 20180709
eScan 20180709
NANO-Antivirus 20180709
Palo Alto Networks (Known Signatures) 20180709
Panda 20180708
SentinelOne (Static ML) 20180701
Sophos AV 20180709
SUPERAntiSpyware 20180708
TACHYON 20180709
Tencent 20180709
TheHacker 20180709
TotalDefense 20180709
TrendMicro 20180709
TrendMicro-HouseCall 20180709
Trustlook 20180709
VBA32 20180707
ViRobot 20180709
Webroot 20180709
Zoner 20180708
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows command line subsystem.
FileVersionInfo properties
Copyright Copyright (C) 2012-2013 TortoiseGit, Copyright (C) 2007-2012 TortoiseSVN
Product TortoiseGit
Original name apisetstub
Internal name TortoiseStub.dll
File version 6.1.76
Description TortoiseGit shell extension client
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-06-21 09:42:24
Entry Point 0x000016A0
Number of sections 6
PE sections
PE imports
RegisterServiceCtrlHandlerExW
CreateRestrictedToken
DeleteObject
CreateRectRgn
SetupDiSetDeviceInstallParamsW
FindExecutableA
wnsprintfW
EmptyClipboard
MonitorFromRect
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 1
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
SubsystemVersion 5.0
LinkerVersion 12.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 2.5.0.0
UninitializedDataSize 0
LanguageCode Process default
FileFlagsMask 0x003f
CharacterSet Windows, Latin1
InitializedDataSize 0
EntryPoint 0x16a0
OriginalFileName apisetstub
MIMEType application/octet-stream
LegalCopyright Copyright (C) 2012-2013 TortoiseGit, Copyright (C) 2007-2012 TortoiseSVN
FileVersion 6.1.76
TimeStamp 2018:06:21 10:42:24+01:00
FileType Win32 DLL
PEType PE32
InternalName TortoiseStub.dll
ProductVersion 2.5.0.0
FileDescription TortoiseGit shell extension client
OSVersion 4.0
FileOS Windows NT 32-bit
Subsystem Windows command line
MachineType Intel 386 or later, and compatibles
CompanyName https://tortoisegit.org/
CodeSize 0
ProductName TortoiseGit
ProductVersionNumber 2.5.0.0
FileTypeExtension dll
ObjectFileType Dynamic link library

File identification
MD5 f05fa10b6502a04357bd1db4fc59cd1e
SHA1 72848a74db47397c944e38f511af037a7dc6ee77
SHA256 08adf01bc6f507d781dac199abb635b766f87ca281398f9c4b2fd1317178ac82
ssdeep 12288:g45Mln+gbJm1XPMgCA33WHMeRfn0EfyoFjj:VGdxJm1XPMgPtgP0E7Fjj
authentihash f347f72b9cd2db388fad37e396bca1fa8b8cce7bdcbb6a3c503ec07013963f8e
imphash 5e891df98791acec2980882abc391733
File size 500.0 KB ( 512000 bytes )
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (console) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags pedll
VirusTotal metadata
First submission 2018-07-09 11:03:00 UTC ( 5 months ago )
Last submission 2018-07-09 11:03:00 UTC ( 5 months ago )
File names apisetstub
TortoiseStub.dll