SHA256: 295029bf98e8a763ad9044d2d0eb1c2c670d5a21e3179cfb68ccf73c3a2cab0c
File name: devmgr
Detection ratio: 0 / 55
Analysis date: 2014-12-25 04:40:06 UTC ( 4 years, 5 months ago )
Antivirus Result Update
Ad-Aware 20141229
AegisLab 20141229
Yandex 20141228
AhnLab-V3 20141228
ALYac 20141229
Antiy-AVL 20141229
Avast 20141229
AVG 20141229
Avira (no cloud) 20141229
AVware 20141229
Baidu-International 20141229
BitDefender 20141229
Bkav 20141229
ByteHero 20141229
CAT-QuickHeal 20141229
ClamAV 20141229
CMC 20141229
Comodo 20141229
Cyren 20141229
DrWeb 20141229
Emsisoft 20141229
F-Prot 20141229
F-Secure 20141228
Fortinet 20141228
GData 20141229
Ikarus 20141229
Jiangmin 20141228
K7AntiVirus 20141229
K7GW 20141229
Kaspersky 20141229
Kingsoft 20141229
Malwarebytes 20141229
McAfee 20141229
McAfee-GW-Edition 20141228
Microsoft 20141229
eScan 20141229
NANO-Antivirus 20141229
Norman 20141229
nProtect 20141229
Panda 20141229
Qihoo-360 20141229
Rising 20141229
Sophos AV 20141229
SUPERAntiSpyware 20141229
Symantec 20141229
Tencent 20141229
TheHacker 20141229
TotalDefense 20141229
TrendMicro 20141229
TrendMicro-HouseCall 20141229
VBA32 20141229
VIPRE 20141229
ViRobot 20141229
Zillya 20141229
Zoner 20141228
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright © ?????????? ??????????. ??? ????? ????????.
Publisher ?????????? ??????????
Product ???????????? ??????? Microsoft® Windows®
Original name devmgr.dll
Internal name devmgr
File version 5.1.2600.5512 (xpsp.080413-2105)
Description ?????????? ???????? ?????????? ?????????
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2008-04-14 16:09:11
Entry Point 0x00001E6A
Number of sections 4
PE sections
PE imports
RegCreateKeyExW
CloseServiceHandle
RegDeleteValueW
RegConnectRegistryW
RegCloseKey
AdjustTokenPrivileges
OpenProcessToken
RegSetValueExW
RegQueryValueExA
OpenSCManagerW
RegEnumKeyExW
RegOpenKeyExW
OpenServiceW
QueryServiceConfigW
LookupPrivilegeValueW
RegDeleteKeyW
RegOpenKeyExA
RegQueryValueExW
GetDeviceCaps
GetTextMetricsW
EndPage
TextOutW
StartDocW
SetAbortProc
EndDoc
DeleteDC
StartPage
DeleteObject
AbortDoc
GetLastError
SetCurrentDirectoryW
GetSystemTimeAsFileTime
GetDriveTypeW
lstrcpynW
FileTimeToSystemTime
LoadLibraryW
DeviceIoControl
WaitForSingleObject
FreeLibrary
QueryPerformanceCounter
LocalAlloc
GetSystemWindowsDirectoryW
DisableThreadLibraryCalls
GlobalUnlock
GetFileAttributesW
GlobalAlloc
LoadLibraryA
lstrcatW
DeleteCriticalSection
GetCurrentProcess
EnterCriticalSection
GetCurrentDirectoryW
GetFileSize
DelayLoadFailureHook
FindClose
lstrlenW
GetWindowsDirectoryW
GetDateFormatW
SetErrorMode
MultiByteToWideChar
GetProcAddress
InterlockedCompareExchange
GetLocaleInfoW
GetComputerNameW
lstrcpyW
UnhandledExceptionFilter
WideCharToMultiByte
GetModuleFileNameW
GetSystemDirectoryW
GlobalFree
SetUnhandledExceptionFilter
WriteFile
CloseHandle
IsProcessorFeaturePresent
FindFirstFileW
TerminateProcess
lstrcmpW
GlobalLock
GetModuleHandleW
LocalFree
FormatMessageW
GlobalMemoryStatus
SearchPathW
lstrcmpiW
InitializeCriticalSection
GetCommandLineW
CreateFileW
GetEnvironmentVariableW
CreateProcessW
GetDiskFreeSpaceExW
InterlockedDecrement
Sleep
IsBadReadPtr
GetFullPathNameW
GetTickCount
GetCurrentThreadId
InterlockedIncrement
GetCurrentProcessId
GetNumberFormatW
SetLastError
LeaveCriticalSection
WNetCancelConnection2W
CM_Open_Class_Key_ExW
SetupDiGetClassDescriptionExW
SetupVerifyInfFileW
SetupDiLoadClassIcon
SetupQueueCopyW
SetupDiOpenDevRegKey
pSetupGuidFromString
SetupDiOpenDeviceInfoW
pSetupDoesUserHavePrivilege
pSetupStringFromGuid
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiCallClassInstaller
SetupDiSetSelectedDriverW
SetupDiBuildClassInfoListExW
SetupDiDestroyDriverInfoList
CM_Open_DevNode_Key_Ex
CM_Get_DevNode_Registry_Property_ExW
SetupDiSetClassInstallParamsW
SetupDiGetSelectedDriverW
SetupDiGetClassInstallParamsW
SetupDiClassNameFromGuidExW
SetupDiGetClassDevsW
CM_Get_Hardware_Profile_Info_ExW
SetupDiBuildDriverInfoList
CM_Get_Parent_Ex
CM_Get_Device_ID_List_Size_ExW
CM_Free_Log_Conf_Handle
SetupDiGetDeviceRegistryPropertyW
CM_Get_Res_Des_Data_Size_Ex
SetupDiChangeState
CM_Disconnect_Machine
SetupCloseFileQueue
CM_Get_Device_ID_ExW
SetupDiGetClassImageIndex
CM_Reenumerate_DevNode_Ex
SetupDiCreateDeviceInfoListExW
SetupDiOpenClassRegKeyExW
CM_Get_DevNode_Status_Ex
SetupDiGetDeviceInstallParamsW
SetupScanFileQueueW
SetupDiGetClassDescriptionW
CM_Free_Res_Des_Handle
CM_Get_Device_ID_List_ExW
SetupDiGetClassDevsExW
SetupDiGetDeviceInstanceIdW
SetupDiSetDeviceInstallParamsW
CM_Get_First_Log_Conf_Ex
CM_Connect_MachineW
CM_Get_HW_Prof_Flags_ExW
CM_Get_Child_Ex
SetupDiEnumDriverInfoW
CM_Locate_DevNode_ExW
SetupDiGetClassImageList
CM_Get_Res_Des_Data_Ex
CM_Get_Next_Res_Des_Ex
SetupDiGetClassImageListExW
SetupOpenFileQueue
SetupDiGetDeviceInfoListDetailW
SetupDiGetClassDevPropertySheetsW
CM_Get_Sibling_Ex
SetupDiDestroyClassImageList
Ord(730)
ShellExecuteW
ShellExecuteExW
Ord(245)
StrCmpNIW
StrCpyNW
StrNCatW
StrToIntW
StrRChrW
MapWindowPoints
EmptyClipboard
GetMessagePos
GetParent
RegisterWindowMessageW
EndDialog
DestroyWindow
GetFocus
DefWindowProcW
wsprintfW
KillTimer
MessageBoxW
ShowWindow
GetForegroundWindow
RegisterClipboardFormatW
SetWindowPos
SetFocus
wvsprintfW
BeginDeferWindowPos
SetWindowLongW
IsWindow
PeekMessageW
GetWindowRect
DestroyIcon
EnableWindow
DialogBoxParamW
ChildWindowFromPoint
CharNextW
IsWindowEnabled
FindWindowExW
PostMessageW
GetSysColor
SetClipboardData
DispatchMessageW
GetKeyState
EndDeferWindowPos
GetDlgCtrlID
SendMessageW
RegisterClassW
TranslateMessage
GetSystemMetrics
WinHelpW
LoadBitmapW
SendDlgItemMessageW
GetClassInfoW
GetCursorPos
GetDlgItem
SetForegroundWindow
SetDlgItemTextW
ScreenToClient
InvalidateRect
CreateDialogParamW
SetTimer
LoadStringW
IsDialogMessageW
IsDlgButtonChecked
GetClientRect
GetWindowTextW
CheckDlgButton
DeferWindowPos
LoadCursorW
LoadIconW
GetWindowTextLengthW
CreateWindowExW
GetWindowLongW
CloseClipboard
SetCursor
ExitWindowsEx
OpenClipboard
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
WmiSetSingleInstanceW
WmiDevInstToInstanceNameW
WmiQuerySingleInstanceW
WmiOpenBlock
WmiCloseBlock
_except_handler3
?terminate@@YAXXZ
malloc
_CxxThrowException
__CxxFrameHandler
??1type_info@@UAE@XZ
_adjust_fdiv
free
wcscpy
wcslen
wcscmp
__dllonexit
_initterm
_onexit
_vsnwprintf
NtQuerySystemInformation
CreateStreamOnHGlobal
CoUninitialize
CoInitialize
CoTaskMemAlloc
ReleaseStgMedium
CoCreateInstance
CoTaskMemFree
PE exports
Number of PE resources by type
RT_STRING 44
RT_ICON 24
RT_DIALOG 19
RT_BITMAP 5
RT_GROUP_ICON 5
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
RUSSIAN 99
PE resources
ExifTool file metadata
UninitializedDataSize 0
LinkerVersion 7.1
ImageVersion 5.1
FileSubtype 0
FileVersionNumber 5.1.2600.5512
LanguageCode Russian
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 199168
FileOS Windows NT 32-bit
MIMEType application/octet-stream
LegalCopyright . .
FileVersion 5.1.2600.5512 (xpsp.080413-2105)
TimeStamp 2008:04:14 17:09:11+01:00
FileType Win32 DLL
PEType PE32
InternalName devmgr
FileAccessDate 2014:12:29 19:22:25+01:00
ProductVersion 5.1.2600.5512
SubsystemVersion 4.0
OSVersion 5.1
FileCreateDate 2014:12:29 19:22:25+01:00
OriginalFilename devmgr.dll
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CodeSize 161792
ProductName Microsoft Windows
ProductVersionNumber 5.1.2600.5512
EntryPoint 0x1e6a
ObjectFileType Dynamic link library
File identification
MD5 bec4c32ad16ea93ced151e1451e802e7
SHA1 ef0355d67051153272c00e60940b88b31bab05f7
SHA256 295029bf98e8a763ad9044d2d0eb1c2c670d5a21e3179cfb68ccf73c3a2cab0c
ssdeep 6144:uEbewRss/ofGJIm3TDY3dE2fLukRY7PsNwu:uEK0Z9Im3TDKtRY76
authentihash f2aa5b9aba1a9326ae9d3f5b83468d0d17148e20dde43038a66ee46db4e3ea42
imphash c1b56bee16a8847b7eac8d22150872d1
File size 353.5 KB ( 361984 bytes )
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit
TrID DirectShow filter (60.4%)
Windows ActiveX control (34.9%)
Win32 Dynamic Link Library (generic) (1.9%)
Win32 Executable (generic) (1.3%)
Generic Win/DOS Executable (0.6%)
Tags pedll
VirusTotal metadata
First submission 2014-12-03 11:00:12 UTC ( 4 years, 5 months ago )
Last submission 2014-12-03 11:00:12 UTC ( 4 years, 5 months ago )
File names devmgr.dll
devmgr
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .
