SHA256: 28dd74afe0474cca8a396cec815cc34056aa6d05d41f388f989500fa17a5dc0b
File name: 2.dll
Detection ratio: 1 / 57
Analysis date: 2015-03-31 11:12:12 UTC ( 4 years, 1 month ago )
Antivirus Result Update
Tencent Trojan.Win32.Qudamah.Gen.11 20150331
Ad-Aware 20150331
AegisLab 20150331
Yandex 20150330
AhnLab-V3 20150331
Alibaba 20150331
ALYac 20150331
Antiy-AVL 20150331
Avast 20150331
AVG 20150331
Avira (no cloud) 20150331
AVware 20150331
Baidu-International 20150331
BitDefender 20150331
Bkav 20150331
ByteHero 20150331
CAT-QuickHeal 20150331
ClamAV 20150331
CMC 20150330
Comodo 20150331
Cyren 20150331
DrWeb 20150331
Emsisoft 20150331
ESET-NOD32 20150331
F-Prot 20150331
F-Secure 20150331
Fortinet 20150331
GData 20150331
Ikarus 20150331
Jiangmin 20150330
K7AntiVirus 20150331
K7GW 20150331
Kaspersky 20150331
Kingsoft 20150331
Malwarebytes 20150331
McAfee 20150331
McAfee-GW-Edition 20150330
Microsoft 20150331
eScan 20150331
NANO-Antivirus 20150331
Norman 20150331
nProtect 20150331
Panda 20150331
Qihoo-360 20150331
Rising 20150330
Sophos AV 20150331
SUPERAntiSpyware 20150331
Symantec 20150331
TheHacker 20150330
TotalDefense 20150330
TrendMicro 20150331
TrendMicro-HouseCall 20150331
VBA32 20150330
VIPRE 20150331
ViRobot 20150331
Zillya 20150331
Zoner 20150330
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows command line subsystem.
FileVersionInfo properties
Copyright
© ?????????? ??????????. ??? ????? ????????.

Publisher ?????????? ??????????
Product ???????????? ??????? Microsoft® Windows®
Original name DInput8.dll
Internal name DInput8.dll
File version 5.03.2621.5512 (xpsp.080413-0845)
Description Microsoft DirectInput
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1992-07-26 04:31:58
Entry Point 0x00005F70
Number of sections 4
PE sections
PE imports
GetLastError
GetVolumePathNameW
WriteConsoleInputA
FreeLibrary
GetNumberOfConsoleInputEvents
DebugBreak
GlobalUnlock
LoadLibraryA
LockFile
CompareFileTime
Heap32First
AddAtomA
ActivateActCtx
IsProcessInJob
GetLogicalDrives
CopyFileExW
InterlockedCompareExchange
RaiseException
GetModuleHandleA
InterlockedExchange
CreateHardLinkW
EnumSystemLanguageGroupsW
GetProcAddress
EnumDateFormatsW
LocalFree
CreateProcessA
GlobalAlloc
GetLogicalDriveStringsW
GetDiskFreeSpaceExW
LocalAlloc
OpenJobObjectA
fgets
fgetpos
abort
memset
_chkstk
memcpy
CoInternetCreateSecurityManager
PE exports
Number of PE resources by type
RT_STRING 93
RT_RCDATA 9
RT_VERSION 1
Number of PE resources by language
RUSSIAN 103
PE resources
ExifTool file metadata
SubsystemVersion
5.0

LinkerVersion
5.2

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
5.3.2621.5512

UninitializedDataSize
0

LanguageCode
Russian

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
61440

FileOS
Windows NT 32-bit

EntryPoint
0x5f70

MIMEType
application/octet-stream

LegalCopyright
. .

FileVersion
5.03.2621.5512 (xpsp.080413-0845)

TimeStamp
1992:07:26 05:31:58+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
DInput8.dll

ProductVersion
5.03.2621.5512

FileDescription
Microsoft DirectInput

OSVersion
4.0

OriginalFilename
DInput8.dll

Subsystem
Windows command line

MachineType
Intel 386 or later, and compatibles

CodeSize
307200

ProductName
Microsoft Windows

ProductVersionNumber
5.3.2621.5512

FileTypeExtension
dll

ObjectFileType
Dynamic link library

File identification
MD5 1f35f3fcede3eb9705e8d6bea7bceb10
SHA1 9d4ea65f64136cfb81450937630d51167dbf80a3
SHA256 28dd74afe0474cca8a396cec815cc34056aa6d05d41f388f989500fa17a5dc0b
ssdeep
6144:iXkxTzZnxozswSar9C6yUVnVoUU4lzOPsKuvQ/xteXWBTIH:nxw+5AC14m+aeXI

authentihash b449d3bebff3106c69134feea2b551bb7dac786c29c404d232f449e78654d34b
imphash 987444264ead9320d9de2e7ac08ad7a3
File size 356.0 KB ( 364544 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (console) Intel 80386 32-bit

TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.4%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags
pedll via-tor

VirusTotal metadata
First submission 2015-03-31 11:12:12 UTC ( 4 years, 1 month ago )
Last submission 2015-05-11 06:35:27 UTC ( 4 years ago )
File names 2.dll
2.dl
DInput8.dll
5.tmp
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight