× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 1515637b179101c72e0a258b054d73b076b51b70c32aab686ce0e9dd9ec54b9c
File name: vp7dec.ax
Detection ratio: 0 / 41
Analysis date: 2010-05-12 21:51:58 UTC ( 3 years, 11 months ago ) View latest
Probably harmless! There are strong indicators suggesting that this file is safe to use.
Antivirus Result Update
AVG 20100512
AhnLab-V3 20100512
AntiVir 20100512
Antiy-AVL 20100512
Authentium 20100512
Avast 20100512
Avast5 20100512
BitDefender 20100512
CAT-QuickHeal 20100512
ClamAV 20100512
Comodo 20100512
DrWeb 20100512
F-Prot 20100512
F-Secure 20100512
Fortinet 20100512
GData 20100512
Ikarus 20100512
Jiangmin 20100512
Kaspersky 20100512
McAfee 20100512
McAfee-GW-Edition 20100512
Microsoft 20100512
NOD32 20100512
Norman 20100512
PCTools 20100512
Panda 20100512
Prevx 20100512
Rising 20100512
Sophos 20100512
Sunbelt 20100512
Symantec 20100512
TheHacker 20100511
TrendMicro 20100512
TrendMicro-HouseCall 20100512
VBA32 20100512
ViRobot 20100512
VirusBuster 20100512
a-squared 20100510
eSafe 20100511
eTrust-Vet 20100512
nProtect 20100512
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
Authenticode signature block
Copyright
Copyright (C) 2003 On2.com Inc.

Publisher On2.com Inc.
Product VP7 Decompression Filter
Original name vp7dec.ax
Internal name vp7dec.ax
File version 7,0,10,0
Description VP7 Decompression Filter
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2006-03-24 22:09:25
Link date 11:09 PM 3/24/2006
Entry Point 0x000126BE
Number of sections 5
PE sections
PE imports
RegDeleteKeyA
RegCloseKey
RegQueryValueExA
RegSetValueA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegCreateKeyA
RegEnumKeyExA
GetLastError
HeapFree
GetStdHandle
EnterCriticalSection
LCMapStringW
SetHandleCount
GetSystemInfo
lstrlenA
FreeLibrary
LCMapStringA
MulDiv
HeapDestroy
GetTickCount
DisableThreadLibraryCalls
TlsAlloc
FlushFileBuffers
VirtualProtect
GetVersionExA
GetModuleFileNameA
RtlUnwind
LoadLibraryA
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
IsBadWritePtr
GetEnvironmentStrings
GetLocaleInfoA
GetCurrentProcessId
GetTimeZoneInformation
SetFilePointer
CreateFileA
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
HeapSize
FreeEnvironmentStringsW
GetCPInfo
GetCommandLineA
GetProcAddress
TlsFree
GetFileType
SetStdHandle
CompareStringW
QueryPerformanceFrequency
WideCharToMultiByte
GetStringTypeA
GetModuleHandleA
ReadFile
InterlockedExchange
SetUnhandledExceptionFilter
WriteFile
GetStartupInfoA
CompareStringA
GetSystemTimeAsFileTime
GetACP
HeapReAlloc
GetStringTypeW
ExitProcess
SetEnvironmentVariableA
GetOEMCP
TerminateProcess
TlsSetValue
QueryPerformanceCounter
InitializeCriticalSection
HeapCreate
VirtualQuery
VirtualFree
GetEnvironmentStringsW
InterlockedDecrement
IsBadReadPtr
SetEndOfFile
LeaveCriticalSection
IsBadCodePtr
HeapAlloc
GetCurrentThreadId
InterlockedIncrement
VirtualAlloc
SetLastError
CloseHandle
DefWindowProcA
ShowWindow
SendDlgItemMessageA
GetWindowRect
SetDlgItemTextA
MoveWindow
SetDlgItemInt
SetWindowLongA
wvsprintfA
GetDlgItemInt
CheckDlgButton
LoadStringA
GetWindowLongA
SendMessageA
LoadStringW
GetDlgItem
CreateDialogParamA
InvalidateRect
wsprintfA
GetDesktopWindow
IsRectEmpty
DestroyWindow
timeGetTime
CoUninitialize
CoInitialize
CoTaskMemAlloc
CoCreateInstance
CoFreeUnusedLibraries
CoTaskMemFree
StringFromGUID2
PE exports
Number of PE resources by type
RT_BITMAP 2
RT_STRING 1
RT_DIALOG 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 5
ExifTool file metadata
LegalTrademarks
Patent(s) Pending

SubsystemVersion
4.0

InitializedDataSize
126976

ImageVersion
0.0

ProductName
VP7 Decompression Filter

FileVersionNumber
7.0.10.0

ActiveMovie
on2.ax

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x30003f

CharacterSet
Windows, Latin1

LinkerVersion
7.1

OriginalFilename
vp7dec.ax

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
7,0,10,0

TimeStamp
2006:03:24 23:09:25+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
vp7dec.ax

OLESelfRegister
AM20

FileAccessDate
2014:04:24 15:47:59+01:00

ProductVersion
7,0,10,0

FileDescription
VP7 Decompression Filter

OSVersion
4.0

FileCreateDate
2014:04:24 15:47:59+01:00

FileOS
Windows 16-bit

LegalCopyright
Copyright (C) 2003 On2.com Inc.

MachineType
Intel 386 or later, and compatibles

CompanyName
On2.com Inc.

CodeSize
159744

FileSubtype
0

ProductVersionNumber
7.0.10.0

EntryPoint
0x126be

ObjectFileType
Dynamic link library

PE resource-wise parents
Compressed bundles
File identification
MD5 085574f70323b1842f076e6de899a78b
SHA1 748b2393795821f6b999ad55a476b2d2e480fe86
SHA256 1515637b179101c72e0a258b054d73b076b51b70c32aab686ce0e9dd9ec54b9c
ssdeep
3072:GmGGyBPwl83WECR2yBMe5UZebhFI8aIGZeoOv4ncV/xXSTIXdwPgGDt3ClqnZv4:pGbmXZk8aI0ef4mEsEDt3iwP3gd

imphash 81264cb0bc73710829255ea94441d901
File size 232.0 KB ( 237568 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID DirectShow filter (81.3%)
Win32 Executable MS Visual C++ (generic) (12.5%)
Win32 Dynamic Link Library (generic) (2.6%)
Win32 Executable (generic) (1.8%)
Generic Win/DOS Executable (0.8%)
Tags
pedll

VirusTotal metadata
First submission 2009-03-31 06:05:51 UTC ( 5 years ago )
Last submission 2014-04-13 12:12:25 UTC ( 1 week, 4 days ago )
File names 748b2393795821f6b999ad55a476b2d2e480fe86
file-3382409_ax
smona131142293468898824026
vp7dec.ax
smona_1515637b179101c72e0a258b054d73b076b51b70c32aab686ce0e9dd9ec54b9c.bin
smona132345201368611709849
smona131004202312142574426
vp7dec.ax
vp7dec.ax
smona132602338361284276409
085574F70323B1842F076E6DE899A78B
smona131907018270891707345
F6B11A960060327AA02A03668BEEDA00CB0BB10A.ax
vp7dec.ax
smona132518888808919499527
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!