× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 0becfb6d77b8833afec4ed3123b674945396ce78a7d53b489c37e2a81fade0ee
File name: lessmsi.core.dll
Detection ratio: 0 / 67
Analysis date: 2017-11-22 16:46:04 UTC ( 7 months, 3 weeks ago )
Antivirus Result Update
Ad-Aware 20171122
AegisLab 20171122
AhnLab-V3 20171122
Alibaba 20171122
ALYac 20171122
Antiy-AVL 20171122
Arcabit 20171122
Avast 20171122
Avast-Mobile 20171122
AVG 20171122
Avira (no cloud) 20171122
AVware 20171122
Baidu 20171122
BitDefender 20171122
Bkav 20171121
CAT-QuickHeal 20171122
ClamAV 20171122
CMC 20171122
Comodo 20171122
CrowdStrike Falcon (ML) 20171016
Cybereason None
Cylance 20171122
Cyren 20171122
DrWeb 20171122
eGambit 20171122
Emsisoft 20171122
Endgame 20171024
ESET-NOD32 20171122
F-Prot 20171122
F-Secure 20171122
Fortinet 20171122
GData 20171122
Ikarus 20171122
Sophos ML 20170914
Jiangmin 20171122
K7AntiVirus 20171122
K7GW 20171122
Kaspersky 20171122
Kingsoft 20171122
Malwarebytes 20171122
MAX 20171122
McAfee 20171122
McAfee-GW-Edition 20171122
Microsoft 20171122
eScan 20171122
NANO-Antivirus 20171122
nProtect 20171122
Palo Alto Networks (Known Signatures) 20171122
Panda 20171122
Qihoo-360 20171122
Rising 20171122
SentinelOne (Static ML) 20171113
Sophos AV 20171122
SUPERAntiSpyware 20171122
Symantec 20171122
Symantec Mobile Insight 20171122
Tencent 20171122
TheHacker 20171121
TotalDefense 20171122
TrendMicro 20171122
TrendMicro-HouseCall 20171122
Trustlook 20171122
VBA32 20171122
VIPRE 20171122
ViRobot 20171122
Webroot 20171122
WhiteArmor 20171104
Yandex 20171120
Zillya 20171122
ZoneAlarm by Check Point 20171122
Zoner 20171122
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows command line subsystem.
FileVersionInfo properties
Copyright
Copyright Scott Willeke © 2004-2013

Product Less MSIérables (lessmsi)
Original name lessmsi.core.dll
Internal name lessmsi.core.dll
File version 1.6.1
Description Less MSIérables (lessmsi) Core library
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-04-13 07:37:29
Entry Point 0x000076BE
Number of sections 3
.NET details
Module Version ID ac099df2-13b8-4a6a-9cdf-2d045a382ada
PE sections
PE imports
_CorDllMain
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
NEUTRAL 1
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
4.0

InitializedDataSize
1536

ImageVersion
0.0

ProductName
Less MSI rables (lessmsi)

FileVersionNumber
1.6.1.0

UninitializedDataSize
0

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

LinkerVersion
11.0

FileTypeExtension
dll

OriginalFileName
lessmsi.core.dll

MIMEType
application/octet-stream

Subsystem
Windows command line

FileVersion
1.6.1

TimeStamp
2017:04:13 08:37:29+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
lessmsi.core.dll

ProductVersion
1.6.1

FileDescription
Less MSI rables (lessmsi) Core library

OSVersion
4.0

FileOS
Win32

LegalCopyright
Copyright Scott Willeke 2004-2013

MachineType
Intel 386 or later, and compatibles

CodeSize
22528

FileSubtype
0

ProductVersionNumber
1.6.1.0

EntryPoint
0x76be

ObjectFileType
Dynamic link library

AssemblyVersion
1.6.1.0

File identification
MD5 87650d2627f55f7ed8f775139180378d
SHA1 1eec0221012aecce07a8f9e0aea2cd4c89b062e7
SHA256 0becfb6d77b8833afec4ed3123b674945396ce78a7d53b489c37e2a81fade0ee
ssdeep
384:eTyoEGI5ROmYh30vz1ILzCYH443WX2kSTufU7DaLVBdJZRLZve3pkr1lU:6I54Wr1c/IjS6U7eXdJ9veZko

authentihash e4fb770fb3825bab6a0e5e2ab1fb3123e3a1b6a999caaa593892e40ec903f77a
imphash dae02f32a21e03ce65412f6e56942daa
File size 24.0 KB ( 24576 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (console) Intel 80386 32-bit Mono/.Net assembly

TrID Generic .NET DLL/Assembly (84.7%)
Win64 Executable (generic) (9.8%)
Win32 Dynamic Link Library (generic) (2.3%)
Win32 Executable (generic) (1.6%)
Generic Win/DOS Executable (0.7%)
Tags
assembly pedll

VirusTotal metadata
First submission 2017-04-13 08:24:28 UTC ( 1 year, 3 months ago )
Last submission 2017-11-22 16:46:04 UTC ( 7 months, 3 weeks ago )
File names lessmsi.core.dll
lessmsi.core.dll
lessmsi.core.dll
lessmsi.core.dll
Behaviour characterization
Zemana
dll-injection

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!