SHA256: 1ec740f0ef3da86bd02919c195cc5702bec7ec588b3d82a0973ac3113d77d77d
File name: POWERCFG
Detection ratio: 0 / 55
Analysis date: 2016-07-23 23:34:24 UTC ( 2 years, 9 months ago )
Antivirus Result Update
Ad-Aware 20160723
AegisLab 20160723
AhnLab-V3 20160723
Alibaba 20160722
ALYac 20160723
Antiy-AVL 20160723
Arcabit 20160723
Avast 20160723
AVG 20160723
Avira (no cloud) 20160723
AVware 20160723
Baidu 20160723
BitDefender 20160723
Bkav 20160723
CAT-QuickHeal 20160723
ClamAV 20160723
CMC 20160715
Comodo 20160724
Cyren 20160724
DrWeb 20160724
Emsisoft 20160724
ESET-NOD32 20160723
F-Prot 20160724
F-Secure 20160724
Fortinet 20160724
GData 20160724
Ikarus 20160723
Jiangmin 20160723
K7AntiVirus 20160723
K7GW 20160724
Kaspersky 20160723
Kingsoft 20160724
Malwarebytes 20160723
McAfee 20160721
McAfee-GW-Edition 20160723
Microsoft 20160723
eScan 20160723
NANO-Antivirus 20160723
nProtect 20160722
Panda 20160723
Qihoo-360 20160724
Sophos AV 20160723
SUPERAntiSpyware 20160723
Symantec 20160723
Tencent 20160724
TheHacker 20160722
TotalDefense 20160723
TrendMicro 20160723
TrendMicro-HouseCall 20160723
VBA32 20160723
VIPRE 20160723
ViRobot 20160723
Yandex 20160723
Zillya 20160722
Zoner 20160723
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright © ?????????? ??????????. ??? ????? ????????.
Product ???????????? ??????? Microsoft® Windows®
Original name POWERCFG.CPL
Internal name POWERCFG
File version 6.00.2900.5512 (xpsp.080413-2105)
Description ????????? ?????????? ???????????????
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2008-04-14 16:10:12
Entry Point 0x00002495
Number of sections 4
PE sections
PE imports
RegCreateKeyExW
GetTokenInformation
RegDeleteValueW
RegCloseKey
StartServiceW
OpenProcessToken
RegSetValueExW
QueryServiceStatus
OpenSCManagerW
RegEnumKeyExW
RegOpenKeyExW
OpenServiceW
AdjustTokenPrivileges
ControlService
RegEnumValueW
LockServiceDatabase
RegDeleteKeyW
CloseServiceHandle
ChangeServiceConfigW
UnlockServiceDatabase
RegQueryValueExW
PowerCapabilities
UpdateBatMeter
CreateBatMeter
BatMeterCapabilities
DestroyBatMeter
DeleteObject
GetObjectW
GetLastError
GetSystemInfo
LoadLibraryW
GetVersionExW
FreeLibrary
QueryPerformanceCounter
GetTickCount
DisableThreadLibraryCalls
lstrcmpiW
lstrlenW
GetCurrentProcess
GetWindowsDirectoryW
LocalAlloc
GetModuleHandleW
UnhandledExceptionFilter
lstrcatW
GetLocaleInfoW
lstrcpynW
lstrcpyW
GetModuleFileNameW
ExpandEnvironmentStringsW
GetSystemDirectoryW
GetDiskFreeSpaceW
SetUnhandledExceptionFilter
CloseHandle
GetSystemTimeAsFileTime
GlobalMemoryStatusEx
GetUserDefaultLCID
LocalFree
FormatMessageW
TerminateProcess
Sleep
GetCurrentThreadId
GetProcAddress
GetCurrentProcessId
SetLastError
GetActiveObject
RegisterActiveObject
RevokeActiveObject
ValidatePowerPolicies
GetActivePwrScheme
CanUserWritePwrScheme
GetPwrCapabilities
ReadGlobalPwrPolicy
EnumPwrSchemes
DeletePwrScheme
CallNtPowerInformation
WriteGlobalPwrPolicy
SetActivePwrScheme
GetCurrentPowerPolicies
GetPwrDiskSpindownRange
IsAdminOverrideActive
WritePwrScheme
CM_Get_Device_ID_ExW
CM_Get_HW_Prof_Flags_ExW
SetupDiSetClassInstallParamsW
SetupDiSetDeviceInstallParamsW
SetupDiDeleteDeviceInfo
SetupDiGetDeviceInstallParamsW
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiChangeState
SetupDiGetDeviceRegistryPropertyW
SetupDiGetClassDevsExW
CM_Get_Hardware_Profile_Info_ExW
SetupDiCallClassInstaller
Ord(169)
ShellExecuteW
Ord(167)
Ord(168)
Ord(437)
SetFocus
RegisterWindowMessageW
GetParent
EndDialog
FindWindowW
CheckRadioButton
KillTimer
CharPrevW
ShowWindow
SetWindowPos
SetWindowLongW
MessageBoxW
EnableWindow
DialogBoxParamW
RegisterDeviceNotificationW
SendDlgItemMessageW
GetDlgItemTextW
GetDlgItemInt
CheckDlgButton
GetIconInfo
SendMessageW
GetWindowLongW
WinHelpW
LoadStringW
SetWindowTextW
GetDlgItem
SystemParametersInfoW
BringWindowToTop
CallWindowProcW
InvalidateRect
SetTimer
LoadImageW
IsDlgButtonChecked
GetWindowTextW
SetDlgItemTextW
SetDlgItemInt
UnregisterDeviceNotification
LoadIconW
wsprintfW
CharNextW
ExitWindowsEx
DestroyWindow
_except_handler3
_wcsicmp
wcscmp
wcschr
swscanf
wcscpy
wcslen
wcscat
_itow
RtlNtStatusToDosError
NtPowerInformation
CoTaskMemFree
CoCreateInstance
CoUninitialize
CoInitialize
PE exports
Number of PE resources by type
RT_ICON 22
RT_BITMAP 22
RT_DIALOG 16
RT_STRING 12
RT_GROUP_ICON 6
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
RUSSIAN 80
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize 0
LinkerVersion 7.1
ImageVersion 5.1
FileSubtype 0
FileVersionNumber 6.0.2900.5512
LanguageCode Russian
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 1498624
EntryPoint 0x2495
OriginalFileName POWERCFG.CPL
MIMEType application/octet-stream
LegalCopyright . .
FileVersion 6.00.2900.5512 (xpsp.080413-2105)
TimeStamp 2008:04:14 17:10:12+01:00
FileType Win32 DLL
PEType PE32
InternalName POWERCFG
ProductVersion 6.00.2900.5512
SubsystemVersion 4.1
OSVersion 5.1
FileOS Windows NT 32-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CodeSize 47104
ProductName Microsoft Windows
ProductVersionNumber 6.0.2900.5512
FileTypeExtension dll
ObjectFileType Dynamic link library

File identification
MD5 3d3fc8e5c1eed2d08d72fded7e1700a1
SHA1 1abef7588b6846b1505d735e65d772a1a9bdca97
SHA256 1ec740f0ef3da86bd02919c195cc5702bec7ec588b3d82a0973ac3113d77d77d
ssdeep 6144:Dir75mOmaSejENjMsoc26jyENjxtcCsXTTQiFvxLDCtjerL0r5HuEv5MAIDYGOki:+n/PSn1PsZ+ti3wtuJp8F0qxteB/ZGH
authentihash cf7b74106a9401b85b73ee9624f9c561c4e26ba1cdbbfe62145b968b93a320d4
imphash 8722dcf412d3fe8274dff7a8e1d4f708
File size 1.5 MB ( 1546752 bytes )
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit
TrID Win 9x/ME Control Panel applet (50.7%)
Win32 Dynamic Link Library (generic) (21.4%)
Win32 Executable (generic) (14.7%)
Generic Win/DOS Executable (6.5%)
DOS Executable Generic (6.5%)
Tags pedll

VirusTotal metadata
First submission 2016-06-25 23:20:54 UTC ( 2 years, 10 months ago )
Last submission 2016-06-25 23:20:54 UTC ( 2 years, 10 months ago )
File names POWERCFG.CPL
3d3fc8e5c1eed2d08d72fded7e1700a1.virus
POWERCFG