SHA256: 259b31c527029486e6d1cd7a055db64f8e250e3add2fff173e0ea737de3b57a3
File name: 0.efi
Detection ratio: 0 / 57
Analysis date: 2015-06-10 02:43:05 UTC ( 2 years, 11 months ago )
Antivirus Result Update
Ad-Aware 20150610
AegisLab 20150610
Yandex 20150609
AhnLab-V3 20150609
Alibaba 20150609
ALYac 20150610
Antiy-AVL 20150610
Arcabit 20150610
Avast 20150610
AVG 20150610
Avira (no cloud) 20150610
AVware 20150610
Baidu-International 20150609
BitDefender 20150610
Bkav 20150609
ByteHero 20150610
CAT-QuickHeal 20150610
ClamAV 20150610
CMC 20150604
Comodo 20150609
Cyren 20150610
DrWeb 20150610
Emsisoft 20150610
ESET-NOD32 20150610
F-Prot 20150609
F-Secure 20150610
Fortinet 20150609
GData 20150610
Ikarus 20150609
Jiangmin 20150609
K7AntiVirus 20150609
K7GW 20150609
Kaspersky 20150609
Kingsoft 20150610
Malwarebytes 20150609
McAfee 20150610
McAfee-GW-Edition 20150609
Microsoft 20150610
eScan 20150610
NANO-Antivirus 20150610
nProtect 20150609
Panda 20150609
Qihoo-360 20150610
Rising 20150609
Sophos AV 20150610
SUPERAntiSpyware 20150610
Symantec 20150610
Tencent 20150610
TheHacker 20150609
TotalDefense 20150609
TrendMicro 20150610
TrendMicro-HouseCall 20150610
VBA32 20150609
VIPRE 20150610
ViRobot 20150610
Zillya 20150610
Zoner 20150609
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file.
PE header basic information
Target machine x64
Entry Point 0x00000598
Number of sections 2
PE sections
Compressed bundles
File identification
MD5 6ab45a90c8c7e2ffeeeb1e7339ffad5b
SHA1 8f5dc72a7f06d0aa5442d614be653217b1164d36
SHA256 259b31c527029486e6d1cd7a055db64f8e250e3add2fff173e0ea737de3b57a3
ssdeep 24:o/yv0tpjZ+slQptI/uxbyPkFY0h0cg0gje8/guKcYKvtTeMeOaeEFaK6VoHB:tv0zo0ASLsm1agje8/EKvtTeMJO8e

authentihash 2e0642ae40d0dad29b700cb9ff1bf9ea3a58b5ed6d902b9634e5651f309674d5
File size 2.2 KB ( 2208 bytes )
File type Win32 DLL
Magic literal MS-DOS executable

TrID DOS Executable Borland Pascal 7.0x (33.5%)
Generic Win/DOS Executable (32.9%)
DOS Executable Generic (32.9%)
Sybase iAnywhere database files (0.3%)
Targa bitmap (Original TGA Format) (0.1%)
Tags pedll

VirusTotal metadata
First submission 2015-05-27 02:29:57 UTC ( 2 years, 12 months ago )
Last submission 2015-05-27 02:29:57 UTC ( 2 years, 12 months ago )
File names 721c8b66-426c-4e86-8e99-3457c46ab0b9 (LENOVO_SYSTEM_SETUP2_DXE_GUID)
0.efi
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight