SHA256: 08e3b7e04abe1aa43477a1befb0a05d4fd7cf1480c834f21ff2f7e894fed6a3f
File name: embeded_dll.dll
Detection ratio: 42 / 57
Analysis date: 2015-06-19 08:04:52 UTC ( 2 years ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Kazy.430570 20150619
Yandex Trojan.Rovnix!PXow+w+hkZ4 20150618
AhnLab-V3 Trojan/Win32.Rovnix 20150618
ALYac Gen:Variant.Kazy.430570 20150619
Antiy-AVL Trojan/Win32.Rovnix 20150619
Arcabit Trojan.Kazy.D691EA 20150619
Avast Win64:Rovnix-I [Trj] 20150619
AVG Atros.TTJ 20150619
Avira (no cloud) TR/Drop.Rovnix.95840 20150619
AVware Trojan.Win32.Generic!BT 20150619
Baidu-International Trojan.Win32.Rovnix.ay 20150618
BitDefender Gen:Variant.Kazy.430570 20150619
CAT-QuickHeal Trojan.Rovnix.r4 20150619
Comodo UnclassifiedMalware 20150619
DrWeb Trojan.Mayachok.19009 20150619
Emsisoft Gen:Variant.Kazy.430570 (B) 20150619
ESET-NOD32 a variant of Win32/Rovnix.AF 20150619
F-Secure Gen:Variant.Kazy.430570 20150619
Fortinet W32/BDoor.FCOL!tr.bdr 20150619
GData Gen:Variant.Kazy.430570 20150619
Ikarus Trojan.Win32.Rovnix 20150619
Jiangmin Trojan/Rovnix.u 20150618
K7AntiVirus Trojan ( 004a033b1 ) 20150619
K7GW Trojan ( 004a033b1 ) 20150619
Kaspersky Trojan.Win32.Rovnix.ay 20150619
Malwarebytes Trojan.Rovnix.Vh 20150619
McAfee BackDoor-FCOL!6FDCBEE2D35E 20150619
McAfee-GW-Edition BackDoor-FCOL!6FDCBEE2D35E 20150618
Microsoft Trojan:Win32/Skeeyah.A!rfn 20150618
eScan Gen:Variant.Kazy.430570 20150619
NANO-Antivirus Trojan.Win32.Rovnix.dqwxbv 20150619
Panda Trj/Rovnix.B 20150618
Qihoo-360 Win32/Trojan.4e9 20150619
Sophos Mal/Generic-S 20150619
SUPERAntiSpyware Trojan.Agent/Gen-Rovnix 20150619
Symantec Trojan.Gen 20150619
Tencent Trojan.Win32.Qudamah.Gen.13 20150619
TrendMicro TROJ_GEN.R000C0FEL15 20150619
TrendMicro-HouseCall TROJ_GEN.R000C0FEL15 20150619
VBA32 Trojan.Rovnix 20150618
VIPRE Trojan.Win32.Generic!BT 20150619
Zillya Trojan.Rovnix.Win32.157 20150619
AegisLab 20150619
Alibaba 20150619
Bkav 20150618
ByteHero 20150619
ClamAV 20150619
CMC 20150618
Cyren 20150619
F-Prot 20150619
Kingsoft 20150619
nProtect 20150618
Rising 20150618
TheHacker 20150619
TotalDefense 20150618
ViRobot 20150619
Zoner 20150618
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-04-29 15:42:48
Entry Point 0x0000B570
Number of sections 4
PE sections
PE exports
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
TimeStamp 2015:04:29 16:42:48+01:00
FileType Win32 DLL
PEType PE32
CodeSize 44032
LinkerVersion 11.0
FileTypeExtension dll
InitializedDataSize 45056
SubsystemVersion 5.1
EntryPoint 0xb570
OSVersion 5.1
ImageVersion 0.0
UninitializedDataSize 0

File identification
MD5 6fdcbee2d35e5107ac2cc098ecffffef
SHA1 33ee069fe9ae0436e49e4b41a473b68a5b70baab
SHA256 08e3b7e04abe1aa43477a1befb0a05d4fd7cf1480c834f21ff2f7e894fed6a3f
ssdeep 1536:DBA9c4rJ3nmRkDTUGmSb+ZtPqncLTHVHNnDruyxPr35:DBA9PrDUebmtPqncLTHVHNDrnxPrJ
authentihash aedd5a827fb52a0f20b675ac612421a81affddf7b9a59fdb6900c842774b8ff2
File size 75.5 KB ( 77312 bytes )
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Tags pedll

VirusTotal metadata
First submission 2015-05-13 20:09:14 UTC ( 2 years, 1 month ago )
Last submission 2015-12-16 10:30:52 UTC ( 1 year, 6 months ago )
File names embeded_dll.dll
pyaload32.dl
6FDCBEE2D35E5107AC2CC098ECFFFFEF