× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 2b3f6ef86b9186fbea61324d1b06744d6138f4b9cfdec34633154f2ccca859e0
File name: uiLangRes.dll
Detection ratio: 0 / 47
Analysis date: 2013-06-09 12:40:24 UTC ( 5 years, 10 months ago )
Antivirus Result Update
Yandex 20130609
AhnLab-V3 20130609
AntiVir 20130609
Antiy-AVL 20130609
Avast 20130609
AVG 20130609
BitDefender 20130609
ByteHero 20130606
CAT-QuickHeal 20130607
ClamAV 20130609
Commtouch 20130609
Comodo 20130609
DrWeb 20130609
Emsisoft 20130609
eSafe 20130606
ESET-NOD32 20130609
F-Prot 20130609
F-Secure 20130609
Fortinet 20130609
GData 20130609
Ikarus 20130609
Jiangmin 20130609
K7AntiVirus 20130607
K7GW 20130607
Kaspersky 20130609
Kingsoft 20130506
Malwarebytes 20130609
McAfee 20130609
McAfee-GW-Edition 20130609
Microsoft 20130609
eScan 20130609
NANO-Antivirus 20130609
Norman 20130609
nProtect 20130609
Panda 20130609
PCTools 20130521
Rising 20130607
Sophos AV 20130609
SUPERAntiSpyware 20130609
Symantec 20130609
TheHacker 20130608
TotalDefense 20130607
TrendMicro 20130609
TrendMicro-HouseCall 20130609
VBA32 20130608
VIPRE 20130609
ViRobot 20130608
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
Copyright (c) 2013 AVAST Software

Publisher AVAST Software
Product avast! Antivirus
Version 8.0.1488.286
Original name UILangRes
Internal name ui1033
File version 8.0.1488.286
Description UILangRes
Signature verification Signed file, verified signature
Signing date 12:33 AM 5/2/2013
Signers
[+] AVAST Software
Status Valid
Issuer None
Valid from 1:00 AM 1/31/2011
Valid to 12:59 AM 1/31/2014
Valid usage Code Signing
Algorithm SHA1
Thumbprint DAEE6B6845246502630C11081368A1237988688E
Serial number 0D D6 D6 71 FE 03 64 D4 3B 63 21 31 41 7E 7B 3F
[+] VeriSign Class 3 Code Signing 2010 CA
Status Valid
Issuer None
Valid from 1:00 AM 2/8/2010
Valid to 12:59 AM 2/8/2020
Valid usage Client Auth, Code Signing
Algorithm SHA1
Thumbprint 495847A93187CFB8C71F840CB7B41497AD95C64F
Serial number 52 00 E5 AA 25 56 FC 1A 86 ED 96 C9 D4 4B 33 C7
[+] VeriSign
Status Valid
Issuer None
Valid from 1:00 AM 11/8/2006
Valid to 12:59 AM 7/17/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm SHA1
Thumbprint 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
Serial number 18 DA D1 9E 26 7D E8 BB 4A 21 58 CD CC 6B 3B 4A
Counter signers
[+] Symantec Time Stamping Services Signer - G4
Status Valid
Issuer None
Valid from 1:00 AM 10/18/2012
Valid to 12:59 AM 12/30/2020
Valid usage Timestamp Signing
Algorithm SHA1
Thumbrint 65439929B67973EB192D6FF243E6767ADF0834E4
Serial number 0E CF F4 38 C8 FE BF 35 6E 04 D8 6A 98 1B 1A 50
[+] Symantec Time Stamping Services CA - G2
Status Valid
Issuer None
Valid from 1:00 AM 12/21/2012
Valid to 12:59 AM 12/31/2020
Valid usage Timestamp Signing
Algorithm SHA1
Thumbrint 6C07453FFDDA08B83707C09B82FB3D15F35336B1
Serial number 7E 93 EB FB 7C C6 4E 59 EA 4B 9A 77 D4 06 FC 3B
[+] Thawte Timestamping CA
Status Valid
Issuer None
Valid from 1:00 AM 1/1/1997
Valid to 12:59 AM 1/1/2021
Valid usage Timestamp Signing
Algorithm MD5
Thumbrint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-05-01 23:21:17
Entry Point 0x00001446
Number of sections 5
PE sections
PE imports
GetCurrentProcess
TerminateProcess
SetUnhandledExceptionFilter
GetCurrentProcessId
OutputDebugStringW
InterlockedExchange
QueryPerformanceCounter
UnhandledExceptionFilter
IsDebuggerPresent
GetTickCount
GetSystemTimeAsFileTime
Sleep
GetCurrentThreadId
InterlockedCompareExchange
_amsg_exit
_malloc_crt
_unlock
_decode_pointer
_crt_debugger_hook
_lock
__dllonexit
_onexit
_except_handler4_common
_encoded_null
free
__CppXcptFilter
_encode_pointer
_initterm
_initterm_e
_adjust_fdiv
__clean_type_info_names_internal
Ord(1152)
Ord(799)
Ord(1137)
Ord(391)
Ord(801)
PE exports
Number of PE resources by type
RT_STRING 215
RT_DIALOG 6
RT_MENU 4
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
RUSSIAN 226
ENGLISH US 1
PE resources
ExifTool file metadata
SubsystemVersion
5.0

LinkerVersion
9.0

ImageVersion
5.0

FileSubtype
0

FileVersionNumber
8.0.1488.286

UninitializedDataSize
0

LanguageCode
Russian

FileFlagsMask
0x0017

CharacterSet
Unicode

InitializedDataSize
269312

FileOS
Win32

MIMEType
application/octet-stream

LegalCopyright
Copyright (c) 2013 AVAST Software

FileVersion
8.0.1488.286

TimeStamp
2013:05:02 00:21:17+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
ui1033

ProductVersion
8.0.1488.286

FileDescription
UILangRes

OSVersion
5.0

OriginalFilename
UILangRes

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
AVAST Software

CodeSize
2560

ProductName
avast! Antivirus

ProductVersionNumber
8.0.1488.286

EntryPoint
0x1446

ObjectFileType
Unknown

File identification
MD5 36293ac1b3c18c1f7eaeb5ef0fb50675
SHA1 c7430f34c52533e7c94edc222e89b4d7ecec54ee
SHA256 2b3f6ef86b9186fbea61324d1b06744d6138f4b9cfdec34633154f2ccca859e0
ssdeep
3072:rgmL/kZT1LqzxUjtPXHcgDIrxbrq+w1YDZjX8KLghHAlHfm:rgQbE

File size 277.0 KB ( 283696 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.4%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags
pedll signed

VirusTotal metadata
First submission 2013-06-09 12:40:24 UTC ( 5 years, 10 months ago )
Last submission 2013-06-09 12:40:24 UTC ( 5 years, 10 months ago )
File names UILangRes
uiLangRes.dll
ui1033
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!