SHA256: 1152e27f05a52d749d9f7eb9718e53d665dfc774b9c2b5c5336f949485b48cd9
File name: InitechBHOInterface.dll
Detection ratio: 2 / 67
Analysis date: 2018-07-23 01:20:32 UTC ( 3 weeks, 2 days ago )
Antivirus Result Update
Comodo ApplicUnwnt.Win32.Adware.BHO.~BB 20180723
Webroot W32.Malware.Gen 20180723
Ad-Aware 20180723
AegisLab 20180723
AhnLab-V3 20180723
Alibaba 20180713
ALYac 20180723
Antiy-AVL 20180723
Arcabit 20180723
Avast 20180723
Avast-Mobile 20180722
AVG 20180723
Avira (no cloud) 20180722
AVware 20180723
Babable 20180406
Baidu 20180723
BitDefender 20180723
Bkav 20180719
CAT-QuickHeal 20180722
ClamAV 20180723
CMC 20180722
CrowdStrike Falcon (ML) 20180530
Cybereason 20180225
Cylance 20180723
Cyren 20180723
DrWeb 20180723
eGambit 20180723
Emsisoft 20180723
Endgame 20180711
ESET-NOD32 20180723
F-Prot 20180723
F-Secure 20180722
Fortinet 20180723
GData 20180723
Ikarus 20180722
Sophos ML 20180717
Jiangmin 20180723
K7AntiVirus 20180722
K7GW 20180723
Kaspersky 20180723
Kingsoft 20180723
Malwarebytes 20180723
MAX 20180723
McAfee 20180723
McAfee-GW-Edition 20180723
Microsoft 20180723
eScan 20180723
NANO-Antivirus 20180723
Palo Alto Networks (Known Signatures) 20180723
Panda 20180722
Qihoo-360 20180723
Rising 20180723
SentinelOne (Static ML) 20180701
Sophos AV 20180723
SUPERAntiSpyware 20180722
Symantec 20180722
TACHYON 20180723
Tencent 20180723
TheHacker 20180722
TotalDefense 20180722
TrendMicro 20180723
TrendMicro-HouseCall 20180723
Trustlook 20180723
VBA32 20180720
VIPRE 20180723
ViRobot 20180722
Yandex 20180720
Zillya 20180720
ZoneAlarm by Check Point 20180723
Zoner 20180723
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright (c) INITECH. All rights reserved.
Product INISAFE Web v7.0 Client Extension Module
Original name InitechBHOInterface.dll
Internal name InitechBHOInterface.dll
File version 1, 0, 0, 4
Description INISAFEWeb Browser Helper Object
Comments View-source prevention plug-in (소스보기 방지 플러그인)
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2006-09-29 07:26:39
Entry Point 0x00007F00
Number of sections 6
PE sections
PE imports
RegDeleteKeyA
RegCloseKey
RegQueryValueExA
RegSetValueExA
RegDeleteValueA
RegCreateKeyExA
RegOpenKeyExA
RegEnumKeyExA
RegQueryInfoKeyA
GetLastError
EnterCriticalSection
lstrlenA
lstrcmpiA
FreeLibrary
QueryPerformanceCounter
ExitProcess
GetThreadLocale
GetVersionExA
IsDBCSLeadByte
LoadLibraryA
DeleteCriticalSection
LeaveCriticalSection
LoadLibraryExA
SizeofResource
GetLocaleInfoA
GetCurrentProcessId
lstrcatA
lstrlenW
MultiByteToWideChar
RaiseException
WideCharToMultiByte
MapViewOfFile
GetModuleHandleA
InterlockedExchange
lstrcpyA
GetSystemTimeAsFileTime
lstrcpynA
GetACP
GetModuleFileNameA
InitializeCriticalSection
LoadResource
CreateFileMappingA
InterlockedDecrement
GetTickCount
GetCurrentThreadId
FindResourceA
InterlockedIncrement
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
strncmp
rand
malloc
??0exception@@QAE@ABV0@@Z
??1type_info@@UAE@XZ
memset
__dllonexit
_mbslwr
_CxxThrowException
_except_handler3
?terminate@@YAXXZ
??2@YAPAXI@Z
_onexit
wcslen
??_V@YAXPAX@Z
realloc
_resetstkoflw
wcsncpy
free
__CxxFrameHandler
srand
??_U@YAPAXI@Z
??1exception@@UAE@XZ
_adjust_fdiv
time
??3@YAXPAX@Z
__security_error_handler
_mbsstr
memmove
??0exception@@QAE@XZ
__CppXcptFilter
_strnicmp
_initterm
VarUI4FromStr
SysStringLen
UnRegisterTypeLib
RegisterTypeLib
LoadRegTypeLib
SysAllocString
VariantClear
LoadTypeLib
SysFreeString
VariantInit
IUnknown_Release_Proxy
NdrOleAllocate
IUnknown_QueryInterface_Proxy
NdrStubCall2
NdrDllUnregisterProxy
NdrDllCanUnloadNow
NdrStubForwardingFunction
NdrDllGetClassObject
NdrOleFree
IUnknown_AddRef_Proxy
NdrDllRegisterProxy
NdrCStdStubBuffer2_Release
PathFindExtensionA
wsprintfA
FindWindowExA
CreateWindowExA
EnableMenuItem
TrackPopupMenu
UpdateWindow
GetMenuItemInfoA
LoadMenuA
GetSubMenu
SetMenuItemInfoA
CharNextA
SendMessageA
CallWindowProcA
SetWindowLongW
GetWindowLongW
DefWindowProcA
ShowWindow
InsertMenuItemA
MessageBoxA
DeleteMenu
RegisterClassExA
InternetCrackUrlA
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree
StringFromGUID2
CoGetClassObject
CoInternetGetSession
PE exports
Number of PE resources by type
REGISTRY 2
TYPELIB 1
RT_STRING 1
RT_VERSION 1
Number of PE resources by language
KOREAN 5
PE resources
ExifTool file metadata
SubsystemVersion 4.0
LinkerVersion 7.1
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 1.0.0.4
UninitializedDataSize 0
LanguageCode Korean
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 32768
EntryPoint 0x7f00
OriginalFileName InitechBHOInterface.dll
MIMEType application/octet-stream
LegalCopyright (c) INITECH. All rights reserved.
FileVersion 1, 0, 0, 4
TimeStamp 2006:09:29 08:26:39+01:00
FileType Win32 DLL
PEType PE32
InternalName InitechBHOInterface.dll
ProductVersion 1, 0, 0, 4
FileDescription INISAFEWeb Browser Helper Object
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName (c) INITECH
CodeSize 36864
ProductName INISAFE Web v7.0 Client Extension Module
ProductVersionNumber 1.0.0.4
FileTypeExtension dll
ObjectFileType Dynamic link library

File identification
MD5 39c09e1a31e941f098a7fddc60625f2b
SHA1 dacb015ec268296d0251d87e5c9659cb22463f3d
SHA256 1152e27f05a52d749d9f7eb9718e53d665dfc774b9c2b5c5336f949485b48cd9
ssdeep 1536:uG9yN9OoP/nW0mtBnA1pSXDhMXnsINx0Vw:uG9m9OoP/nW0mjnA1pSTGXn9Nxqw
authentihash 747d4407bd40cdf7d73cfa7c36679e89c8794f68e0ff718e140c9dc38dfc64de
imphash 5c05927b63416084c5b472a8364e38ed
File size 72.0 KB ( 73728 bytes )
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit
TrID DirectShow filter (51.1%)
Windows ActiveX control (29.5%)
Win32 Executable MS Visual C++ (generic) (7.9%)
Win64 Executable (generic) (7.0%)
Win32 Dynamic Link Library (generic) (1.6%)
Tags pedll

VirusTotal metadata
First submission 2010-02-13 19:01:45 UTC ( 8 years, 6 months ago )
Last submission 2016-07-06 14:04:44 UTC ( 2 years, 1 month ago )
File names initechbhointerface.10004.dll-0fAadH
39C09E1A31E941F098A7FDDC60625F2B
initechbhointerface..dll
IgzWiZM.scr
5cpgbk.pps
output.1466949.txt
KSrG.7z
aa
InitechBHOInterface.dll
1466949
VirusShare_39c09e1a31e941f098a7fddc60625f2b
1152e27f05a52d749d9f7eb9718e53d665dfc774b9c2b5c5336f949485b48cd9
initechbhointerface.10004.dll
file-3395523_dll
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight