× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 1a5a89214fc67a35da8d64d0f17f9bd4b4f49d5ff6383743c62e18fbe482d6b3
File name: sqlite3.dll
Detection ratio: 0 / 65
Analysis date: 2019-03-13 01:30:07 UTC ( 1 week, 5 days ago )
Antivirus Result Update
Acronis 20190222
Ad-Aware 20190312
AegisLab 20190313
AhnLab-V3 20190312
Alibaba 20190306
ALYac 20190313
Antiy-AVL 20190313
Arcabit 20190312
Avast 20190313
Avast-Mobile 20190312
AVG 20190313
Avira (no cloud) 20190313
Babable 20180918
Baidu 20190306
BitDefender 20190313
Bkav 20190312
CAT-QuickHeal 20190312
ClamAV 20190312
CMC 20190312
Comodo 20190313
CrowdStrike Falcon (ML) 20190212
Cybereason 20190109
Cyren 20190313
DrWeb 20190313
eGambit 20190313
Emsisoft 20190313
Endgame 20190215
ESET-NOD32 20190313
F-Prot 20190312
F-Secure 20190313
Fortinet 20190313
GData 20190312
Ikarus 20190312
Sophos ML 20181128
Jiangmin 20190313
K7AntiVirus 20190312
K7GW 20190312
Kaspersky 20190313
Kingsoft 20190313
Malwarebytes 20190312
MAX 20190313
McAfee 20190312
McAfee-GW-Edition 20190312
Microsoft 20190312
eScan 20190312
NANO-Antivirus 20190312
Palo Alto Networks (Known Signatures) 20190313
Panda 20190312
Qihoo-360 20190313
Rising 20190312
SentinelOne (Static ML) 20190311
Sophos AV 20190312
SUPERAntiSpyware 20190307
Symantec Mobile Insight 20190220
TACHYON 20190313
Tencent 20190313
TheHacker 20190308
TotalDefense 20190312
Trapmine 20190301
TrendMicro-HouseCall 20190312
Trustlook 20190313
VBA32 20190312
VIPRE 20190312
ViRobot 20190313
Yandex 20190312
ZoneAlarm by Check Point 20190312
Zoner 20190312
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
FileVersionInfo properties
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-09-12 13:05:07
Entry Point 0x0005763C
Number of sections 4
PE sections
PE imports
GetStdHandle
GetFileAttributesA
HeapDestroy
GetFileAttributesW
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetLocaleInfoA
FreeEnvironmentStringsW
GetTempPathA
GetCPInfo
GetStringTypeA
GetDiskFreeSpaceW
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
GetFullPathNameA
GetOEMCP
LocalFree
FormatMessageW
InitializeCriticalSection
InterlockedDecrement
FormatMessageA
GetFullPathNameW
SetLastError
GetSystemTime
IsDebuggerPresent
ExitProcess
FlushFileBuffers
GetModuleFileNameA
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
SetFilePointer
LockFileEx
SetUnhandledExceptionFilter
SetEnvironmentVariableA
TerminateProcess
SetEndOfFile
GetCurrentThreadId
LeaveCriticalSection
AreFileApisANSI
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
LoadLibraryW
FreeLibrary
QueryPerformanceCounter
GetTickCount
TlsAlloc
GetVersionExA
LoadLibraryA
RtlUnwind
GetStartupInfoA
UnlockFile
GetFileSize
DeleteFileA
DeleteFileW
GetProcAddress
CompareStringW
GetDiskFreeSpaceA
CompareStringA
GetTimeZoneInformation
CreateFileW
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
InterlockedIncrement
GetLastError
LCMapStringW
LCMapStringA
GetEnvironmentStringsW
LockFile
GetEnvironmentStrings
GetCurrentProcessId
WideCharToMultiByte
HeapSize
GetCommandLineA
InterlockedCompareExchange
TlsFree
GetModuleHandleA
ReadFile
CloseHandle
GetACP
GetModuleHandleW
IsValidCodePage
HeapCreate
GetTempPathW
VirtualFree
Sleep
VirtualAlloc
PE exports
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
dll

TimeStamp
2012:09:12 15:05:07+02:00

FileType
Win32 DLL

PEType
PE32

CodeSize
394752

LinkerVersion
9.0

ImageFileCharacteristics
Executable, 32-bit, DLL

EntryPoint
0x5763c

InitializedDataSize
63488

SubsystemVersion
5.0

ImageVersion
0.0

OSVersion
5.0

UninitializedDataSize
0

CarbonBlack CarbonBlack acts as a surveillance camera for computers
Execution parents
Compressed bundles
File identification
MD5 18a54a743d683a0dc40c65155d108608
SHA1 dd499c8bab4bf8523d6c2cbcd3f6a38f819f5f3e
SHA256 1a5a89214fc67a35da8d64d0f17f9bd4b4f49d5ff6383743c62e18fbe482d6b3
ssdeep
6144:XguzLWRZAuMy5z9cnsdKs2ANtHWP6+/Q0PQmmOJcOAvkobZcDmnuDo3/AHE:NWRZNDd4804fkCZ0U3/l

authentihash a1edf0353c26bfb6b1781b1c6b1cab37f9af1b45af80819c1f17362e1707ac96
imphash 6f383944ad37c3b1c6ab47bdb43092ea
File size 444.5 KB ( 455168 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags
pedll

VirusTotal metadata
First submission 2013-06-01 20:39:42 UTC ( 5 years, 9 months ago )
Last submission 2019-03-13 01:30:07 UTC ( 1 week, 5 days ago )
File names sqlite3.dll
$_838_
$_1365_
vti-rescan
sqlite3.dll
sqlite3.dll
FF_sqlite3.dll_x32
_2A772FB620DE47ABAF009FC2DDBB62F9
$_1757_
sqlite3.1.dll
filC1211D65965C40BA1E82181CE9C379AC
sqlite3.dll
sqlite3.dll
sqlite3.dll
$_1520_
sqlite3.dll
sqlite3.dll
sqlite33.dll1
1A5A89214FC67A35DA8D64D0F17F9BD4B4F49D5FF6383743C62E18FBE482D6B3
1a5a89214fc67a35da8d64d0f17f9bd4b4f49d5ff6383743c62e18fbe482d6b3.bin
sqlite3.dll
1a5a89214fc67a35_sqlite3.dll
sqlite3.dll
sqlite3.cck
$[1546]
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!