× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 1f6916a12d8294630d59ed71c971a6d7daf1609b6a95675f863cd14db415df4a
File name: DWGImporter.dll
Detection ratio: 1 / 49
Analysis date: 2013-12-19 04:36:56 UTC ( 5 years, 5 months ago ) View latest
Antivirus Result Update
Kaspersky UDS:DangerousObject.Multi.Generic 20131219
Ad-Aware 20131211
Yandex 20131217
AhnLab-V3 20131218
AntiVir 20131219
Antiy-AVL 20131218
Avast 20131219
AVG 20131218
Baidu-International 20131213
BitDefender 20131211
Bkav 20131218
ByteHero 20130613
CAT-QuickHeal 20131218
ClamAV 20131219
CMC 20131217
Commtouch 20131219
Comodo 20131219
DrWeb 20131219
Emsisoft 20131219
ESET-NOD32 20131219
F-Prot 20131219
F-Secure 20131219
Fortinet 20131218
GData 20131219
Ikarus 20131219
Jiangmin 20131219
K7AntiVirus 20131218
K7GW 20131218
Kingsoft 20130829
Malwarebytes 20131219
McAfee 20131219
McAfee-GW-Edition 20131219
Microsoft 20131219
eScan 20131218
NANO-Antivirus 20131219
Norman 20131218
nProtect 20131218
Panda 20131218
Rising 20131218
Sophos AV 20131219
SUPERAntiSpyware 20131219
Symantec 20131219
TheHacker 20131218
TotalDefense 20131218
TrendMicro 20131219
TrendMicro-HouseCall 20131219
VBA32 20131218
VIPRE 20131219
ViRobot 20131219
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright 1996-2011 Autodesk, Inc.

Product Autodesk Design Review
Original name DWGImporter.dll
Internal name DWGImporter.dll
File version 12.0.0.93
Description DWG Import Support Module
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2010-12-30 03:32:56
Entry Point 0x00001000
Number of sections 5
PE sections
PE imports
RegCreateKeyExW
RegDeleteValueW
RegCloseKey
RegDeleteKeyW
RegSetValueExW
RegQueryInfoKeyW
RegQueryValueExA
RegEnumKeyExW
RegOpenKeyExW
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExW
GetDeviceCaps
DeleteDC
SelectObject
GetStockObject
CreateSolidBrush
GetObjectW
BitBlt
CreateCompatibleDC
DeleteObject
CreateCompatibleBitmap
SetThreadLocale
GetLastError
InterlockedDecrement
HeapFree
IsProcessorFeaturePresent
EnterCriticalSection
lstrlenA
LoadLibraryW
GlobalFree
WaitForSingleObject
GetVersionExW
FreeLibrary
QueryPerformanceCounter
MulDiv
IsDebuggerPresent
GetTickCount
GetThreadLocale
FindResourceExW
GlobalUnlock
GetModuleFileNameA
GlobalHandle
LoadLibraryA
VerifyVersionInfoW
VerSetConditionMask
DeleteCriticalSection
GetCurrentProcess
SizeofResource
GetLocaleInfoA
GetCurrentProcessId
LockResource
lstrlenW
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
HeapSize
DeleteFileW
GetUserDefaultLCID
InterlockedCompareExchange
FlushInstructionCache
GetLocaleInfoW
GetTempFileNameW
LeaveCriticalSection
GetModuleFileNameW
GetDllDirectoryW
RaiseException
WideCharToMultiByte
SetEnvironmentVariableW
ExpandEnvironmentStringsW
IsValidLocale
InterlockedExchange
SetUnhandledExceptionFilter
GetTempPathW
InterlockedIncrement
CloseHandle
GetSystemTimeAsFileTime
FindResourceW
SetDllDirectoryW
TerminateProcess
lstrcmpW
HeapReAlloc
LocalAlloc
GlobalLock
SetEvent
IsWow64Process
CreateEventW
lstrcmpiW
InitializeCriticalSection
LoadResource
OpenEventW
GetModuleHandleW
GlobalAlloc
VirtualFree
HeapDestroy
Sleep
SetFileAttributesW
GetProcAddress
HeapAlloc
GetCurrentThreadId
GetProcessHeap
VirtualAlloc
GetEnvironmentVariableW
SetLastError
ResetEvent
LoadRegTypeLib
OleCreateFontIndirect
SysFreeString
SysStringLen
UnRegisterTypeLib
SysStringByteLen
RegisterTypeLib
VarBstrCat
VariantClear
SysAllocStringLen
VarBstrCmp
LoadTypeLib
GetErrorInfo
SysAllocString
SysAllocStringByteLen
VariantInit
VarUI4FromStr
SHGetFileInfoW
PathFileExistsW
SetFocus
RedrawWindow
GetClassInfoExW
CreateDialogIndirectParamW
RegisterWindowMessageW
EndPaint
EndDialog
BeginPaint
SetWindowTextW
DefWindowProcW
SetWindowContextHelpId
CopyIcon
DestroyAcceleratorTable
ScreenToClient
ShowWindow
SetWindowPos
GetParent
SetWindowLongW
IsWindow
ReleaseCapture
RegisterClassExW
UpdateWindow
SetCapture
MoveWindow
DestroyCursor
SendDlgItemMessageW
LoadCursorFromFileW
GetWindow
GetSysColor
GetDC
MapDialogRect
SendMessageW
UnregisterClassA
GetWindowTextLengthW
GetClientRect
GetDlgItem
SetCursor
MessageBoxW
ClientToScreen
InvalidateRect
CallWindowProcW
GetClassNameW
DialogBoxIndirectParamW
FillRect
CreateAcceleratorTableW
GetWindowTextW
GetDesktopWindow
LoadCursorW
GetFocus
CreateWindowExW
ReleaseDC
GetWindowLongW
InvalidateRgn
CharNextW
IsChild
DestroyWindow
CreateStreamOnHGlobal
OleUninitialize
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
OleLockRunning
StringFromCLSID
CoTaskMemFree
OleInitialize
CLSIDFromString
StringFromGUID2
CoGetClassObject
PE exports
Number of PE resources by type
RT_MANIFEST 1
TYPELIB 1
RT_STRING 1
REGISTRY 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 5
PE resources
ExifTool file metadata
UninitializedDataSize
0

InitializedDataSize
467456

ImageVersion
0.0

ProductName
Autodesk Design Review

FileVersionNumber
12.0.0.93

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
DWG Import Support Module

CharacterSet
Unicode

LinkerVersion
9.0

FileTypeExtension
dll

OriginalFileName
DWGImporter.dll

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
12.0.0.93

TimeStamp
2010:12:30 04:32:56+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
DWGImporter.dll

ProductVersion
12.0.0.93

SubsystemVersion
5.0

OSVersion
5.0

FileOS
Win32

LegalCopyright
Copyright 1996-2011 Autodesk, Inc.

MachineType
Intel 386 or later, and compatibles

CompanyName
Autodesk, Inc.

CodeSize
464384

FileSubtype
0

ProductVersionNumber
12.0.0.93

EntryPoint
0x1000

ObjectFileType
Dynamic link library

Execution parents
Compressed bundles
File identification
MD5 701b6f32d529140e18b9d10298df2add
SHA1 bc45a065a2b384d39c12ad7bb3e04cbdea0d8af8
SHA256 1f6916a12d8294630d59ed71c971a6d7daf1609b6a95675f863cd14db415df4a
ssdeep
6144:0vM2N0xv+GAKsjGvaOJU2u5W9hzxjkSgil1TBWLOtAm:0IvLgjpZ2GWHOlil1

authentihash 7d6d886a5f9147e6713bd18f087f9c3dd2c5fc9b16becafc06913904507353e7
imphash 112c8a59e6e5c735ac3459615584bdf6
File size 573.5 KB ( 587264 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID DirectShow filter (51.1%)
Windows ActiveX control (29.5%)
Win32 Executable MS Visual C++ (generic) (7.9%)
Win64 Executable (generic) (7.0%)
Win32 Dynamic Link Library (generic) (1.6%)
Tags
pedll

VirusTotal metadata
First submission 2013-12-19 04:36:56 UTC ( 5 years, 5 months ago )
Last submission 2018-05-18 16:25:18 UTC ( 1 year ago )
File names dblponmr.dll
DWGImporter.dll
DWGImporter.dll
dblponmr.dll
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!