SHA256: 2099da12af468a6bfe3a2e9ca4b90bb237a3d491147aad6b52a96b84bf27275e
File name: ZNirvanaZ 1.0 Simples.dll
Detection ratio: 0 / 35
Analysis date: 2012-06-03 20:24:16 UTC ( 6 years, 7 months ago )
Antivirus Result Update
AhnLab-V3 20120603
AntiVir 20120603
Antiy-AVL 20120603
Avast 20120603
BitDefender 20120603
ByteHero 20120531
CAT-QuickHeal 20120603
ClamAV 20120602
Commtouch 20120603
Comodo 20120603
Emsisoft 20120603
eSafe 20120603
F-Prot 20120603
Fortinet 20120603
GData 20120603
Ikarus 20120603
Jiangmin 20120603
K7AntiVirus 20120601
Kaspersky 20120603
McAfee 20120603
McAfee-GW-Edition 20120603
Microsoft 20120602
NOD32 20120603
Norman 20120603
nProtect 20120603
Panda 20120603
PCTools 20120603
Rising 20120601
SUPERAntiSpyware 20120602
Symantec 20120603
TheHacker 20120531
TotalDefense 20120601
VIPRE 20120603
ViRobot 20120603
VirusBuster 20120603
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-06-02 01:57:01
Entry Point 0x00002FE0
Number of sections 5
PE sections
PE imports
GetModuleHandleA, ExitProcess, VirtualProtect, Sleep, CreateThread, InterlockedExchange, InterlockedCompareExchange, GetSystemTimeAsFileTime, GetCurrentProcessId, GetCurrentThreadId, GetTickCount, QueryPerformanceCounter, IsDebuggerPresent, SetUnhandledExceptionFilter, UnhandledExceptionFilter, GetCurrentProcess, TerminateProcess
malloc, _CIsin, _encode_pointer, _malloc_crt, free, _encoded_null, _decode_pointer, _initterm, _initterm_e, _amsg_exit, _adjust_fdiv, __CppXcptFilter, _crt_debugger_hook, __clean_type_info_names_internal, _unlock, __dllonexit, _lock, _onexit, _except_handler4_common, _CIcos, memset
SetRect, GetSystemMetrics, GetCursorPos, GetAsyncKeyState, GetDesktopWindow
Direct3DCreate9
D3DXCreateFontA, D3DXCreateLine
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
TimeStamp 2012:06:02 03:57:01+02:00
FileType Win32 DLL
PEType PE32
CodeSize 9728
LinkerVersion 9.0
EntryPoint 0x2fe0
InitializedDataSize 5632
SubsystemVersion 5.0
ImageVersion 0.0
OSVersion 5.0
UninitializedDataSize 0

File identification
MD5 f7cd6f0b743f0a96358b455246ed6751
SHA1 f3db8837691bc23e7b83c4ce99fe39b1f1e15924
SHA256 2099da12af468a6bfe3a2e9ca4b90bb237a3d491147aad6b52a96b84bf27275e
ssdeep 192:JVmobWFD0gKDcN4RtXn/8+4qbvUkHCt4if8Ncid1nDhvHrlmacFQW0YDevW0SAah:5r/gK1fd1NvLlv60bvW0SAarukLX
File size 16.0 KB ( 16424 bytes )
File type Win32 DLL
Magic literal MS-DOS executable PE for MS Windows (DLL) (GUI) Intel 80386 32-bit
TrID Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
VirusTotal metadata
First submission 2012-06-03 20:24:16 UTC ( 6 years, 7 months ago )
Last submission 2012-06-06 17:14:20 UTC ( 6 years, 7 months ago )
File names smona_2099da12af468a6bfe3a2e9ca4b90bb237a3d491147aad6b52a96b84bf27275e.bin
ZNirvanaZ 1.0 Simples.dll
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which, depending on the user policies and environment, may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua

Symantec reputation Suspicious.Insight