× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 1eb337eb64ba4c78a0d98b87a39736395f8fb2d005d9b3428132941d22a4beee
File name: Microsoft.ApplicationInsights.dll
Detection ratio: 0 / 61
Analysis date: 2017-06-09 01:31:21 UTC ( 5 months, 1 week ago )
Antivirus Result Update
Ad-Aware 20170608
AegisLab 20170608
AhnLab-V3 20170608
Alibaba 20170608
ALYac 20170608
Antiy-AVL 20170608
Arcabit 20170609
Avast 20170609
AVG 20170609
Avira (no cloud) 20170608
AVware 20170609
Baidu 20170608
BitDefender 20170609
Bkav 20170608
CAT-QuickHeal 20170608
ClamAV 20170608
CMC 20170608
Comodo 20170608
CrowdStrike Falcon (ML) 20170420
Cyren 20170608
DrWeb 20170608
Emsisoft 20170608
Endgame 20170515
ESET-NOD32 20170609
F-Prot 20170608
F-Secure 20170608
Fortinet 20170608
GData 20170608
Ikarus 20170608
Sophos ML 20170607
Jiangmin 20170609
K7AntiVirus 20170608
K7GW 20170609
Kaspersky 20170609
Kingsoft 20170609
Malwarebytes 20170608
McAfee 20170608
McAfee-GW-Edition 20170608
Microsoft 20170609
eScan 20170609
NANO-Antivirus 20170608
nProtect 20170608
Palo Alto Networks (Known Signatures) 20170609
Panda 20170608
Qihoo-360 20170609
Rising None
SentinelOne (Static ML) 20170516
Sophos AV 20170609
SUPERAntiSpyware 20170609
Symantec 20170608
Symantec Mobile Insight 20170608
Tencent 20170609
TheHacker 20170607
TotalDefense 20170608
TrendMicro 20170608
TrendMicro-HouseCall 20170608
Trustlook 20170609
VBA32 20170608
VIPRE 20170608
ViRobot 20170609
Webroot 20170609
WhiteArmor 20170608
Yandex 20170608
Zillya 20170608
ZoneAlarm by Check Point 20170608
Zoner 20170609
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows command line subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
Copyright © Microsoft. All Rights Reserved.

Original name Microsoft.ApplicationInsights.dll
Internal name Microsoft.ApplicationInsights.dll
File version 2.3.0.41907
Description
Signature verification Signed file, verified signature
Signing date 8:17 PM 4/5/2017
Signers
[+] Microsoft Corporation
Status Valid
Issuer Microsoft Code Signing PCA
Valid from 9:17 PM 8/18/2016
Valid to 9:17 PM 11/2/2017
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint 98ED99A67886D020C564923B7DF25E9AC019DF26
Serial number 33 00 00 01 40 96 A9 EE 70 56 FE CC 07 00 01 00 00 01 40
[+] Microsoft Code Signing PCA
Status Valid
Issuer Microsoft Root Certificate Authority
Valid from 11:19 PM 8/31/2010
Valid to 11:29 PM 8/31/2020
Valid usage All
Algorithm sha1RSA
Thumbprint 3CAF9BA2DB5570CAF76942FF99101B993888E257
Serial number 61 33 26 1A 00 00 00 00 00 31
[+] Microsoft Root Certificate Authority
Status Valid
Issuer Microsoft Root Certificate Authority
Valid from 12:19 AM 5/10/2001
Valid to 12:28 AM 5/10/2021
Valid usage All
Algorithm sha1RSA
Thumbprint CDD4EEAE6000AC7F40C3802C171E30148030C072
Serial number 79 AD 16 A1 4A A0 A5 AD 4C 73 58 F4 07 13 2E 65
Counter signers
[+] Microsoft Time-Stamp Service
Status Valid
Issuer Microsoft Time-Stamp PCA
Valid from 6:58 PM 9/7/2016
Valid to 6:58 PM 9/7/2018
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint E3E53B2BF6A989D65267087739D8431F54E7F78F
Serial number 33 00 00 00 B5 AC 7D 6D 87 6B 26 11 47 00 00 00 00 00 B5
[+] Microsoft Time-Stamp PCA
Status Valid
Issuer Microsoft Root Certificate Authority
Valid from 1:53 PM 4/3/2007
Valid to 2:03 PM 4/3/2021
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 375FCB825C3DC3752A02E34EB70993B4997191EF
Serial number 61 16 68 34 00 00 00 00 00 1C
[+] Microsoft Root Certificate Authority
Status Valid
Issuer Microsoft Root Certificate Authority
Valid from 12:19 AM 5/10/2001
Valid to 12:28 AM 5/10/2021
Valid usage All
Algorithm sha1RSA
Thumbrint CDD4EEAE6000AC7F40C3802C171E30148030C072
Serial number 79 AD 16 A1 4A A0 A5 AD 4C 73 58 F4 07 13 2E 65
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-04-05 19:17:22
Entry Point 0x000251F6
Number of sections 3
.NET details
Module Version ID 57e6285b-76e0-42e7-a063-02f7269ba3ed
PE sections
Overlays
MD5 537e62b795fa8ea62cb02ff826dad179
File type data
Offset 145920
Size 16120
Entropy 7.43
PE imports
_CorDllMain
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
NEUTRAL 1
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
48.0

ImageVersion
0.0

FileVersionNumber
2.3.0.41907

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
1536

EntryPoint
0x251f6

OriginalFileName
Microsoft.ApplicationInsights.dll

MIMEType
application/octet-stream

Subsystem
Windows command line

FileVersion
2.3.0.41907

TimeStamp
2017:04:05 20:17:22+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
Microsoft.ApplicationInsights.dll

ProductVersion
2.3.0.41907

SubsystemVersion
6.0

OSVersion
4.0

FileOS
Win32

LegalCopyright
Copyright Microsoft. All Rights Reserved.

MachineType
Intel 386 or later, and compatibles

CompanyName
Microsoft

CodeSize
143872

FileSubtype
0

ProductVersionNumber
2.3.0.41907

FileTypeExtension
dll

ObjectFileType
Dynamic link library

AssemblyVersion
2.3.0.0

Compressed bundles
File identification
MD5 30682e6ef25b5835004162286aae2dd5
SHA1 b10c7caa7184987ad1e7cec3a21b2ab9e2bef834
SHA256 1eb337eb64ba4c78a0d98b87a39736395f8fb2d005d9b3428132941d22a4beee
ssdeep
3072:1xfWaHmbueo5OSJsFaHp4sm9VCIvvK41jP18qyhYjUSs+y0WcCK:XfVGbuezSJk44smKiDTs+Acn

authentihash eab7cf314a058c54958486aa21fa9b62afa3a9a03022712f647b59af2cca2c8b
imphash dae02f32a21e03ce65412f6e56942daa
File size 158.2 KB ( 162040 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (console) Intel 80386 Mono/.Net assembly

TrID Win64 Executable (generic) (64.6%)
Win32 Dynamic Link Library (generic) (15.4%)
Win32 Executable (generic) (10.5%)
Generic Win/DOS Executable (4.6%)
DOS Executable Generic (4.6%)
Tags
assembly pedll signed overlay

VirusTotal metadata
First submission 2017-04-27 20:33:00 UTC ( 6 months, 3 weeks ago )
Last submission 2017-04-27 20:33:00 UTC ( 6 months, 3 weeks ago )
File names Microsoft.ApplicationInsights.dll
Microsoft.ApplicationInsights.dll
Microsoft.ApplicationInsights.dll
Microsoft.ApplicationInsights.dll
Microsoft.ApplicationInsights.dll
Microsoft.ApplicationInsights.dll
Microsoft.ApplicationInsights.dll
Microsoft.ApplicationInsights.dll
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!