SHA256: 289189a211ca272f66ccf97ad93ec8073d9e8f8f47c3f8cef4dd234a7d6e8b40
File name: BioLayer
Detection ratio: 0 / 62
Analysis date: 2017-03-23 21:36:49 UTC ( 2 years ago )
Antivirus Result Update
Ad-Aware 20170323
AegisLab 20170323
AhnLab-V3 20170323
Alibaba 20170323
ALYac 20170323
Antiy-AVL 20170323
Arcabit 20170323
Avast 20170323
AVG 20170323
Avira (no cloud) 20170323
AVware 20170323
Baidu 20170323
BitDefender 20170323
Bkav 20170323
CAT-QuickHeal 20170322
ClamAV 20170323
CMC 20170317
Comodo 20170323
CrowdStrike Falcon (ML) 20170130
Cyren 20170323
DrWeb 20170323
Emsisoft 20170323
Endgame 20170317
ESET-NOD32 20170323
F-Prot 20170323
F-Secure 20170323
Fortinet 20170323
GData 20170323
Ikarus 20170323
Sophos ML 20170203
Jiangmin 20170323
K7AntiVirus 20170323
K7GW 20170323
Kaspersky 20170323
Kingsoft 20170323
Malwarebytes 20170323
McAfee 20170323
McAfee-GW-Edition 20170323
Microsoft 20170323
eScan 20170323
NANO-Antivirus 20170323
nProtect 20170323
Palo Alto Networks (Known Signatures) 20170323
Panda 20170323
Qihoo-360 20170323
Rising 20170323
SentinelOne (Static ML) 20170315
Sophos AV 20170323
SUPERAntiSpyware 20170323
Symantec 20170322
Symantec Mobile Insight 20170322
Tencent 20170323
TheHacker 20170321
TotalDefense 20170323
TrendMicro 20170323
TrendMicro-HouseCall 20170323
Trustlook 20170323
VBA32 20170323
VIPRE 20170323
ViRobot 20170323
Webroot 20170323
WhiteArmor 20170315
Yandex 20170323
Zillya 20170323
ZoneAlarm by Check Point 20170323
Zoner 20170323
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
©AuthenTec Inc. All rights reserved.

Product BioLayer Dynamic Link Library
Original name BioLayer.dll
Internal name BioLayer
File version 5.1.100.49
Description BioLayer Dynamic Link Library
Signature verification Signed file, verified signature
Signing date 6:10 PM 8/30/2012
Signers
[+] AuthenTec
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer VeriSign Class 3 Code Signing 2010 CA
Valid from 1:00 AM 11/30/2010
Valid to 12:59 AM 12/5/2013
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint B338920F69F04ED6D76FDFE701560BBED05CB06A
Serial number 46 6B 0D 1B 8D 61 26 4F EC 1A 66 A2 EE B0 1D 84
[+] VeriSign Class 3 Code Signing 2010 CA
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 1:00 AM 2/8/2010
Valid to 12:59 AM 2/8/2020
Valid usage Client Auth, Code Signing
Algorithm sha1RSA
Thumbprint 495847A93187CFB8C71F840CB7B41497AD95C64F
Serial number 52 00 E5 AA 25 56 FC 1A 86 ED 96 C9 D4 4B 33 C7
[+] VeriSign
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 1:00 AM 11/8/2006
Valid to 12:59 AM 7/17/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm sha1RSA
Thumbprint 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
Serial number 18 DA D1 9E 26 7D E8 BB 4A 21 58 CD CC 6B 3B 4A
Counter signers
[+] Symantec Time Stamping Services Signer - G3
Status This certificate or one of the certificates in the certificate chain is not time valid., The revocation status of the certificate or one of the certificates in the certificate chain is unknown., Error 65536 (0x10000), The revocation status of the certificate or one of the certificates in the certificate chain is either offline or stale.
Issuer VeriSign Time Stamping Services CA
Valid from 1:00 AM 5/1/2012
Valid to 12:59 AM 1/1/2013
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint 8FD99D63FB3AFBD534A4F6E31DACD27F59504021
Serial number 79 A2 A5 85 F9 D1 15 42 13 D9 B8 3E F6 B6 8D ED
[+] VeriSign Time Stamping Services CA
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer Thawte Timestamping CA
Valid from 1:00 AM 12/4/2003
Valid to 12:59 AM 12/4/2013
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint F46AC0C6EFBB8C6A14F55F09E2D37DF4C0DE012D
Serial number 47 BF 19 95 DF 8D 52 46 43 F7 DB 6D 48 0D 31 A4
[+] Thawte Timestamping CA
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 1/1/1997
Valid to 12:59 AM 1/1/2021
Valid usage Timestamp Signing
Algorithm md5RSA
Thumbprint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-08-30 17:00:48
Entry Point 0x0002B95B
Number of sections 5
PE sections
Overlays
MD5 4b776892d24d90920895aa84c58fef74
File type data
Offset 429568
Size 5992
Entropy 7.30
PE imports
RegCloseKey
OpenProcessToken
RegQueryValueExA
RegOpenKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegOpenKeyExA
RegQueryValueExW
CertFreeCertificateContext
CryptMsgClose
CertCloseStore
CryptMsgGetParam
CryptQueryObject
SetMapMode
TextOutW
SaveDC
GetClipBox
GetDeviceCaps
OffsetViewportOrgEx
DeleteDC
RestoreDC
DeleteObject
SetTextColor
ExtTextOutW
CreateBitmap
RectVisible
GetStockObject
SetViewportOrgEx
ScaleWindowExtEx
PtVisible
ScaleViewportExtEx
SelectObject
SetWindowExtEx
Escape
SetBkColor
SetViewportExtEx
SetThreadLocale
GetStdHandle
GetConsoleOutputCP
GetFileAttributesA
HeapDestroy
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
LocalAlloc
FreeEnvironmentStringsW
GetLocaleInfoW
SetStdHandle
GetCPInfo
GetStringTypeA
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
FreeLibrary
LocalFree
InitializeCriticalSection
LoadResource
GlobalHandle
InterlockedDecrement
OutputDebugStringA
SetLastError
GetUserDefaultUILanguage
GlobalFindAtomW
GetModuleFileNameW
IsDebuggerPresent
ExitProcess
FlushFileBuffers
GetModuleFileNameA
EnumSystemLocalesA
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
GetModuleHandleA
GlobalAddAtomW
SetNamedPipeHandleState
SetUnhandledExceptionFilter
TerminateProcess
WriteConsoleA
GlobalAlloc
SetEndOfFile
GetCurrentThreadId
LeaveCriticalSection
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
LoadLibraryW
GetOEMCP
QueryPerformanceCounter
GetTickCount
TlsAlloc
GetVersionExA
LoadLibraryA
RtlUnwind
GetStartupInfoA
GlobalDeleteAtom
GetProcAddress
GetProcessHeap
WaitNamedPipeW
GlobalReAlloc
lstrcmpA
IsValidLocale
lstrcmpW
GetUserDefaultLCID
CreateFileW
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
InterlockedIncrement
GetLastError
LocalReAlloc
LCMapStringW
lstrlenA
GlobalFree
GetConsoleCP
FindResourceW
LCMapStringA
GetEnvironmentStringsW
GlobalUnlock
lstrlenW
GetEnvironmentStrings
GetCurrentProcessId
LockResource
WideCharToMultiByte
HeapSize
GetCommandLineA
InterlockedCompareExchange
RaiseException
TlsFree
SetFilePointer
ReadFile
GlobalFlags
CloseHandle
GetACP
GlobalLock
GetModuleHandleW
SizeofResource
IsValidCodePage
HeapCreate
FindResourceExW
VirtualFree
Sleep
VirtualAlloc
CreateStdAccessibleObject
LresultFromObject
VariantChangeType
VariantClear
SysAllocString
DispCallFunc
GetErrorInfo
SysFreeString
VariantInit
GenerateOTP
MapWindowPoints
RegisterWindowMessageW
GetForegroundWindow
GetClassInfoExW
ReleaseDC
DrawTextExW
GetPropW
LoadBitmapW
GetFocus
DefWindowProcW
UnhookWindowsHookEx
GetCapture
SetMenuItemBitmaps
DestroyMenu
PostQuitMessage
GetMessagePos
SetPropW
GetParent
GetWindowThreadProcessId
ValidateRect
GetSystemMetrics
SetWindowLongW
IsWindow
PeekMessageW
GrayStringW
GetWindowRect
EnableWindow
SetMenu
GetDC
CallNextHookEx
UnregisterHotKey
CopyRect
SetWindowPos
AdjustWindowRectEx
GetSysColorBrush
GetMessageTime
GetWindow
PostMessageW
GetSysColor
DispatchMessageW
RegisterClassW
GetMenuItemID
GetKeyState
SystemParametersInfoA
GetDlgCtrlID
CheckMenuItem
SendMessageW
GetClassLongW
GetMenuCheckMarkDimensions
GetLastActivePopup
WinHelpW
GetWindowPlacement
IsWindowEnabled
SetWindowTextW
GetDlgItem
RemovePropW
DrawTextW
MessageBoxW
IsIconic
ClientToScreen
GetMenuItemCount
GetSubMenu
CallWindowProcW
GetClassNameW
GetTopWindow
RegisterHotKey
ModifyMenuW
GetClientRect
GetWindowTextW
EnableMenuItem
GetMenuState
SetWindowsHookExW
LoadCursorW
LoadIconW
GetClassInfoW
CreateWindowExW
TabbedTextOutW
GetWindowLongW
SetForegroundWindow
PtInRect
GetMenu
ExitWindowsEx
DestroyWindow
ClosePrinter
DocumentPropertiesW
OpenPrinterW
CoInitializeEx
CoUninitialize
CoInitialize
CoCreateInstance
CoInitializeSecurity
CoSetProxyBlanket
PE exports
Number of PE resources by type
RT_STRING 34
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 3
HEBREW DEFAULT 1
PORTUGUESE 1
ESTONIAN DEFAULT 1
LITHUANIAN 1
FRENCH 1
CHINESE SIMPLIFIED 1
SLOVENIAN DEFAULT 1
DUTCH 1
ITALIAN 1
NORWEGIAN BOKMAL 1
PORTUGUESE BRAZILIAN 1
HUNGARIAN DEFAULT 1
FINNISH DEFAULT 1
KOREAN 1
CZECH DEFAULT 1
LATVIAN DEFAULT 1
SWEDISH NEUTRAL 1
GERMAN 1
BULGARIAN DEFAULT 1
POLISH DEFAULT 1
JAPANESE DEFAULT 1
DANISH DEFAULT 1
SLOVAK DEFAULT 1
GREEK DEFAULT 1
TURKISH DEFAULT 1
CHINESE TRADITIONAL 1
SERBIAN DEFAULT 1
ARABIC SAUDI ARABIA 1
NEUTRAL 1
SPANISH MODERN 1
ROMANIAN 1
RUSSIAN 1
SERBIAN LATIN 1
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

InitializedDataSize
137216

ImageVersion
0.0

ProductName
BioLayer Dynamic Link Library

FileVersionNumber
5.1.100.49

LanguageCode
English (U.S.)

FileFlagsMask
0x0017

FileDescription
BioLayer Dynamic Link Library

CharacterSet
Unicode

LinkerVersion
9.0

FileTypeExtension
dll

OriginalFileName
BioLayer.dll

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
5.1.100.49

TimeStamp
2012:08:30 18:00:48+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
BioLayer

ProductVersion
5.1.100.49

SubsystemVersion
5.0

OSVersion
5.0

FileOS
Win32

LegalCopyright
AuthenTec Inc. All rights reserved.

MachineType
Intel 386 or later, and compatibles

CompanyName
AuthenTec Inc.

CodeSize
291328

FileSubtype
0

ProductVersionNumber
5.1.100.49

EntryPoint
0x2b95b

ObjectFileType
Dynamic link library

Compressed bundles
File identification
MD5 51836ae18690a18cd0f3160cec0f2d5e
SHA1 8bcc568f3afb3245aa6d8303e918b3df4297c2bb
SHA256 289189a211ca272f66ccf97ad93ec8073d9e8f8f47c3f8cef4dd234a7d6e8b40
ssdeep
6144:TB4/HxbV38rSWpPKP/F7XagG+POqZ+wmXEf/o4fbM2qoDP9c8VyIzC:TuvxbF8F8m+POqZ+w86/5oAlKI2

authentihash 112d69923685866d826adf567eebb99086b03040b76580cd36941c867a3aac96
imphash 24c420bb14e33e8cfef3f5c2828ff35f
File size 425.4 KB ( 435560 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags
pedll signed overlay

VirusTotal metadata
First submission 2014-05-12 05:09:04 UTC ( 4 years, 10 months ago )
Last submission 2017-03-23 21:36:49 UTC ( 2 years ago )
File names biolayer.dll
BioLayer
26543
51836AE18690A18CD0F3160CEC0F2D5E
BioLayer.dll