× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 25221d8a576e3e6708de55b48821276659e7da98a2e7cae90172f2f9810782f6
File name: NTlCmBVJkD1.dll
Detection ratio: 9 / 57
Analysis date: 2016-09-20 14:51:47 UTC ( 1 year, 2 months ago ) View latest
Antivirus Result Update
Baidu Win32.Trojan.WisdomEyes.151026.9950.9999 20160920
Comodo Heur.Packed.Unknown 20160919
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20160725
Sophos ML ransom.win32.tescrypt.q 20160917
McAfee Ransomware-FMJ!85C2F4E9543C 20160920
Qihoo-360 HEUR/QVM40.1.0000.Malware.Gen 20160920
Rising Malware.Generic!Lv0ww11p7xB@2 (thunder) 20160920
Symantec Heur.AdvML.B 20160920
Tencent Win32.Trojan.Raas.Auto 20160920
Ad-Aware 20160920
AegisLab 20160920
AhnLab-V3 20160920
Alibaba 20160920
ALYac 20160920
Antiy-AVL 20160920
Arcabit 20160920
Avast 20160920
AVG 20160920
Avira (no cloud) 20160920
AVware 20160920
BitDefender 20160920
Bkav 20160920
CAT-QuickHeal 20160920
ClamAV 20160920
CMC 20160916
Cyren 20160920
DrWeb 20160920
Emsisoft 20160920
ESET-NOD32 20160920
F-Prot 20160920
F-Secure 20160920
Fortinet 20160920
GData 20160920
Ikarus 20160920
Jiangmin 20160920
K7AntiVirus 20160920
K7GW 20160920
Kaspersky 20160920
Kingsoft 20160920
Malwarebytes 20160920
McAfee-GW-Edition 20160920
Microsoft 20160920
eScan 20160920
NANO-Antivirus 20160920
nProtect 20160920
Panda 20160920
Sophos AV 20160920
SUPERAntiSpyware 20160919
TheHacker 20160920
TrendMicro 20160920
TrendMicro-HouseCall 20160920
VBA32 20160920
VIPRE 20160920
ViRobot 20160920
Yandex 20160919
Zillya 20160920
Zoner 20160920
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows command line subsystem.
FileVersionInfo properties
Copyright
Copyright (C) 2012

Product iAd
Original name iAdCore.dll
Internal name ibbZore.dll
File version 1.0.0.1
Description iAd Core
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-09-20 10:47:11
Entry Point 0x00009AF0
Number of sections 13
PE sections
PE imports
OfflineClusterResource
FormatMessageW
QueryPerformanceFrequency
GetSystemDirectoryW
WriteProfileStringA
IsSystemResumeAutomatic
GetNamedPipeHandleStateA
WriteFileEx
SetFileValidData
CreateJobObjectW
LoadModule
PeekConsoleInputA
SetThreadIdealProcessor
MoveFileExA
MprAdminMIBBufferFree
MprAdminServerGetInfo
Shell_NotifyIconA
RegisterClassW
GetKeyboardLayoutList
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
7.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.0.0.1

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
126976

EntryPoint
0x9af0

OriginalFileName
iAdCore.dll

MIMEType
application/octet-stream

LegalCopyright
Copyright (C) 2012

FileVersion
1.0.0.1

TimeStamp
2016:09:20 11:47:11+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
ibbZore.dll

ProductVersion
1.0.0.1

FileDescription
iAd Core

OSVersion
4.0

FileOS
Windows NT 32-bit

Subsystem
Windows command line

MachineType
Intel 386 or later, and compatibles

CompanyName
Apple, Inc

CodeSize
36864

ProductName
iAd

ProductVersionNumber
1.0.0.1

FileTypeExtension
dll

ObjectFileType
Dynamic link library

File identification
MD5 85c2f4e9543cdb2e810c50b59d63b649
SHA1 c7d9d364a7ec1359c8ed3fbc84c6682c4a24646d
SHA256 25221d8a576e3e6708de55b48821276659e7da98a2e7cae90172f2f9810782f6
ssdeep
3072:JLfL9hwK3nN4HlkFETmDhhQqM3Z5UVSjs7Pkijv10r0VEzm:BzBnkPTehuq4Z7Ukwv10KE

authentihash 8aa3732d7c679c065632cb5cb928bb02bd39e31e3766283802196362e5be540e
imphash 7ee5e567623bb6563365ceb6b3baab97
File size 168.0 KB ( 172032 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (console) Intel 80386 32-bit

TrID Win32 Executable (generic) (42.6%)
Clipper DOS Executable (19.1%)
Generic Win/DOS Executable (18.9%)
DOS Executable Generic (18.9%)
VXD Driver (0.2%)
Tags
pedll

VirusTotal metadata
First submission 2016-09-20 14:51:47 UTC ( 1 year, 2 months ago )
Last submission 2016-09-20 18:43:00 UTC ( 1 year, 2 months ago )
File names TBTVEUlLYJ1.dll
iAdCore.dll
ibbZore.dll
NTlCmBVJkD1.dll
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!