SHA256: 29ed0520277d94f50fe39d893da883952ccb74d588574799040bfc813bc08f0b
File name: 7.dll
Detection ratio: 3 / 56
Analysis date: 2015-04-30 11:10:18 UTC ( 2 years, 7 months ago )
Antivirus Result Update
Bkav HW32.Packed.9EA7 20150425
Kaspersky UDS:DangerousObject.Multi.Generic 20150429
Qihoo-360 HEUR/QVM40.1.Malware.Gen 20150430
Ad-Aware 20150430
AegisLab 20150430
Yandex 20150428
AhnLab-V3 20150429
Alibaba 20150430
ALYac 20150430
Antiy-AVL 20150430
Avast 20150430
AVG 20150429
Avira (no cloud) 20150430
AVware 20150430
Baidu-International 20150430
BitDefender 20150430
ByteHero 20150430
CAT-QuickHeal 20150430
ClamAV 20150430
CMC 20150423
Comodo 20150430
Cyren 20150430
DrWeb 20150430
Emsisoft 20150430
ESET-NOD32 20150430
F-Prot 20150430
F-Secure 20150430
Fortinet 20150430
GData 20150430
Ikarus 20150430
Jiangmin 20150429
K7AntiVirus 20150430
K7GW 20150430
Kingsoft 20150430
McAfee 20150430
McAfee-GW-Edition 20150430
Microsoft 20150430
eScan 20150430
NANO-Antivirus 20150430
Norman 20150429
nProtect 20150429
Panda 20150429
Rising 20150429
Sophos AV 20150430
SUPERAntiSpyware 20150430
Symantec 20150430
Tencent 20150430
TheHacker 20150429
TotalDefense None
TrendMicro 20150430
TrendMicro-HouseCall 20150430
VBA32 20150429
VIPRE 20150430
ViRobot 20150430
Zillya 20150429
Zoner 20150430
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows command line subsystem.
FileVersionInfo properties
Copyright Copyright 1999-2006, Intel Corporation
Product Intel(R) Common User Interface
Original name IGFXRES.DLL
Internal name IGFXRES
File version 6.15.10.5402
Description igfxres Module
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-04-30 05:17:17
Entry Point 0x000053E0
Number of sections 13
PE sections
PE imports
AddClusterResourceNode
SetClusterResourceName
ClusterOpenEnum
OfflineClusterResource
GetVolumePathNameW
Toolhelp32ReadProcessMemory
ScrollConsoleScreenBufferA
ReplaceFileW
GetCompressedFileSizeW
CreatePipe
LocalAlloc
GetConsoleCursorInfo
GetTapePosition
GetLocaleInfoW
GetCommModemStatus
FindResourceExA
WaitForDebugEvent
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
SetComputerNameA
GetConsoleSelectionInfo
LocalFree
GlobalHandle
GetStringTypeExA
BeginUpdateResourceA
SetLastError
GetVolumePathNameA
VerLanguageNameA
OpenThread
GetUserDefaultLangID
GetModuleFileNameA
VerSetConditionMask
GetVolumeInformationA
CreateActCtxW
MultiByteToWideChar
GetProfileSectionA
InterlockedExchangeAdd
CreateDirectoryExW
GetSystemDefaultUILanguage
DeleteCriticalSection
GetExitCodeThread
GetConsoleDisplayMode
GetNumberOfConsoleMouseButtons
GetSystemDirectoryA
AllocateUserPhysicalPages
GetNumberFormatA
VirtualQuery
FindAtomA
GetCurrentThreadId
CallNamedPipeW
AreFileApisANSI
SetCommBreak
GetThreadPriorityBoost
lstrcmpiA
FreeLibrary
LoadLibraryA
ConvertFiberToThread
GetDateFormatA
Process32First
GetSystemRegistryQuota
CreateDirectoryW
GetProcAddress
GetProfileStringW
lstrcpyW
GetBinaryTypeW
WaitNamedPipeA
Thread32Next
DuplicateHandle
ExpandEnvironmentStringsA
GetBinaryTypeA
TlsSetValue
GetLastError
Heap32ListFirst
FindFirstChangeNotificationA
CreateNamedPipeW
lstrlenA
BuildCommDCBW
GlobalWire
IsDBCSLeadByte
RemoveDirectoryA
CreateFiber
SizeofResource
GetCommandLineW
MapUserPhysicalPages
GetCurrentDirectoryA
EnumTimeFormatsA
GetConsoleTitleA
GetCommandLineA
SetConsoleTitleW
WriteTapemark
RaiseException
TlsFree
ReadFile
RtlCaptureContext
EnumSystemLocalesA
SetCommConfig
SetConsoleMode
ReadFileEx
MprAdminConnectionGetInfo
SafeArraySetRecordInfo
Shell_NotifyIconW
SHInvokePrinterCommandW
ReleaseDC
SetWindowTextA
FillRect
GetLastActivePopup
GetWindowTextW
GetKeyboardLayoutList
wsprintfW
SetCursor
realloc
localeconv
getc
freopen
asctime
wscanf
setbuf
iswgraph
strncmp
strncat
_chkstk
isalnum
wcscmp
memset
strcat
iswxdigit
isalpha
memcpy
PdhEnumObjectsA
PdhGetCounterInfoA
PdhExpandWildCardPathW
PdhCollectQueryData
RevokeBindStatusCallback
CoInternetCreateSecurityManager
CreateURLMoniker
Number of PE resources by type
RT_STRING 37
RT_MANIFEST 1
TYPELIB 1
RT_DIALOG 1
RT_VERSION 1
Number of PE resources by language
PORTUGUESE 41
PE resources
Debug information
ExifTool file metadata
SubsystemVersion 4.0
LinkerVersion 8.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 6.15.10.5402
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 320000
EntryPoint 0x53e0
OriginalFileName IGFXRES.DLL
MIMEType application/octet-stream
LegalCopyright Copyright 1999-2006, Intel Corporation
FileVersion 6.15.10.5402
TimeStamp 2015:04:30 06:17:17+01:00
FileType Win32 DLL
PEType PE32
InternalName IGFXRES
ProductVersion 6.15.10.5402
FileDescription igfxres Module
OSVersion 4.0
FileOS Win32
Subsystem Windows command line
MachineType Intel 386 or later, and compatibles
CompanyName Intel Corporation
CodeSize 34816
ProductName Intel(R) Common User Interface
ProductVersionNumber 6.15.10.5402
FileTypeExtension dll
ObjectFileType Dynamic link library
File identification
MD5 35142d23d09f82a0abe0f49a8d184f0a
SHA1 791563c150658dd3b338f0e4323b9049792cdc23
SHA256 29ed0520277d94f50fe39d893da883952ccb74d588574799040bfc813bc08f0b
ssdeep 6144:NO7Hwu04iqHPVJu4WS/xZ8V58qECG2H+VF6KnAo:NdlRCPVJu4J8T7y2efznT
authentihash e0d659d5ca0c567572f7e27aff1a06f837bc720a4d4d784fb8a6a13ceeb7d3fa
imphash 917de62603559bc637ffeb792420cead
File size 309.0 KB ( 316416 bytes )
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (console) Intel 80386 32-bit
TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.5%)
Tags pedll
VirusTotal metadata
First submission 2015-04-30 08:39:54 UTC ( 2 years, 7 months ago )
Last submission 2015-04-30 15:53:19 UTC ( 2 years, 7 months ago )
File names 7.dll
IGFXRES.DLL
IGFXRES
15.tmp
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight