SHA256: 20c5c568c3500902a8613c6af2ee788aec81625c14859552e4b4e1118943a370
File name: _889C8375C418419F8294688D4527549B
Detection ratio: 0 / 57
Analysis date: 2017-01-24 16:27:51 UTC ( 2 years, 3 months ago )
Antivirus Result Update
Ad-Aware 20170124
AegisLab 20170124
AhnLab-V3 20170124
Alibaba 20170122
ALYac 20170124
Antiy-AVL 20170124
Arcabit 20170124
Avast 20170124
AVG 20170124
Avira (no cloud) 20170124
AVware 20170124
Baidu 20170124
BitDefender 20170124
Bkav 20170123
CAT-QuickHeal 20170124
ClamAV 20170124
CMC 20170124
Comodo 20170124
CrowdStrike Falcon (ML) 20161024
Cyren 20170124
DrWeb 20170124
Emsisoft 20170124
ESET-NOD32 20170124
F-Prot 20170124
F-Secure 20170124
Fortinet 20170124
GData 20170124
Ikarus 20170124
Sophos ML 20170111
Jiangmin 20170124
K7AntiVirus 20170124
K7GW 20170124
Kaspersky 20170124
Kingsoft 20170124
Malwarebytes 20170124
McAfee 20170124
McAfee-GW-Edition 20170124
Microsoft 20170124
eScan 20170124
NANO-Antivirus 20170124
nProtect 20170124
Panda 20170124
Qihoo-360 20170124
Rising 20170124
Sophos AV 20170124
SUPERAntiSpyware 20170124
Symantec 20170124
Tencent 20170124
TheHacker 20170123
TotalDefense 20170124
TrendMicro 20170124
TrendMicro-HouseCall 20170124
Trustlook 20170124
VBA32 20170124
VIPRE 20170124
ViRobot 20170124
WhiteArmor 20170123
Yandex 20170123
Zillya 20170124
Zoner 20170124
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows command line subsystem.
FileVersionInfo properties
Copyright
2002-2012

Product Catalyst Control Center
Original name CLI.Aspect.UpdateNotification.Graphics.Runtime.dll
Internal name CLI.Aspect.UpdateNotification.Graphics.Runtime.dll
File version 3.5.4703.27295
Description Runtime UpdateNotification Aspect
Comments Runtime types for UpdateNotification Aspect in Graphics Caste
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-11-16 20:09:51
Entry Point 0x0000543E
Number of sections 3
.NET details
Module Version ID 8360511f-3ce3-4cf7-b1c5-880833d76d9c
PE sections
PE imports
_CorDllMain
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
NEUTRAL 1
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

Comments
Runtime types for UpdateNotification Aspect in Graphics Caste

InitializedDataSize
2048

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
3.5.4703.27295

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

LinkerVersion
8.0

EntryPoint
0x543e

OriginalFileName
CLI.Aspect.UpdateNotification.Graphics.Runtime.dll

MIMEType
application/octet-stream

LegalCopyright
2002-2012

FileVersion
3.5.4703.27295

TimeStamp
2012:11:16 21:09:51+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
CLI.Aspect.UpdateNotification.Graphics.Runtime.dll

SubsystemVersion
4.0

ProductVersion
3.5.4703.27295

FileDescription
Runtime UpdateNotification Aspect

OSVersion
4.0

FileOS
Win32

Subsystem
Windows command line

MachineType
Intel 386 or later, and compatibles

CompanyName
Advanced Micro Devices Inc.

CodeSize
13824

ProductName
Catalyst Control Center

ProductVersionNumber
3.5.4703.27295

FileTypeExtension
dll

ObjectFileType
Dynamic link library

AssemblyVersion
3.5.4703.27295

CarbonBlack CarbonBlack acts as a surveillance camera for computers
While monitoring an end-user machine in the wild, CarbonBlack observed that the following files, while executing, wrote this sample to disk.
Compressed bundles
File identification
MD5 33df0fc5c66787a012c511ca0fe31ba3
SHA1 7488dd72ce9eee4cfce55903efb5f1534a9758d9
SHA256 20c5c568c3500902a8613c6af2ee788aec81625c14859552e4b4e1118943a370
ssdeep
192:quih2bdq+UNcX2uK/j2YCX0R4g8KH7hCe9KFT7dxPX+mHGGa2:qPMHUMw/iBER4g88ltKFThxPX+mHm2

authentihash bab1f55975f10d59d320c72bc09bb546a363c81853176263ce1d9592ebc952fc
imphash dae02f32a21e03ce65412f6e56942daa
File size 16.0 KB ( 16384 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (console) Intel 80386 32-bit Mono/.Net assembly

TrID Generic .NET DLL/Assembly (94.0%)
Win32 Dynamic Link Library (generic) (2.5%)
Win32 Executable (generic) (1.7%)
Generic Win/DOS Executable (0.7%)
DOS Executable Generic (0.7%)
Tags
assembly pedll

VirusTotal metadata
First submission 2013-08-31 03:41:39 UTC ( 5 years, 7 months ago )
Last submission 2017-01-24 16:27:51 UTC ( 2 years, 3 months ago )
File names _889C8375C418419F8294688D4527549B
CLI.Aspect.UpdateNotification.Graphics.Runtime.dll
aa
33DF0FC5C66787A012C511CA0FE31BA3
cli.aspect.updatenotification.graphics.runtime.dll