× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 31037f807d31d7452bbec9e678469e0d1571be28ad31e288dd4bb137f8bc82c3
File name: CTMConfig
Detection ratio: 0 / 53
Analysis date: 2014-08-12 10:04:02 UTC ( 4 years, 7 months ago )
Antivirus Result Update
Ad-Aware 20140812
AegisLab 20140812
Yandex 20140810
AhnLab-V3 20140811
AntiVir 20140812
Antiy-AVL 20140812
Avast 20140812
AVG 20140812
AVware 20140812
Baidu-International 20140812
BitDefender 20140812
ByteHero 20140812
CAT-QuickHeal 20140812
ClamAV 20140812
CMC 20140809
Commtouch 20140812
Comodo 20140812
DrWeb 20140812
Emsisoft 20140812
ESET-NOD32 20140812
F-Prot 20140812
F-Secure 20140812
Fortinet 20140812
GData 20140812
Ikarus 20140812
Jiangmin 20140812
K7AntiVirus 20140811
K7GW 20140811
Kaspersky 20140812
Kingsoft 20140812
Malwarebytes 20140812
McAfee 20140812
McAfee-GW-Edition 20140811
Microsoft 20140812
eScan 20140812
NANO-Antivirus 20140812
Norman 20140812
nProtect 20140811
Panda 20140812
Qihoo-360 20140812
Rising 20140811
Sophos AV 20140812
SUPERAntiSpyware 20140804
Symantec 20140812
Tencent 20140812
TheHacker 20140808
TotalDefense 20140811
TrendMicro 20140812
TrendMicro-HouseCall 20140812
VBA32 20140812
VIPRE 20140812
ViRobot 20140812
Zoner 20140811
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
FileVersionInfo properties
Publisher CTM
Product CTMConfig
Original name CTMConfig.dll
Internal name CTMConfig
File version 1.01.0003
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-06-14 13:54:48
Entry Point 0x00001388
Number of sections 4
PE sections
PE imports
Ord(546)
Ord(518)
EVENT_SINK_Invoke
Ord(558)
Ord(596)
Ord(709)
Ord(714)
Ord(301)
Ord(524)
Ord(595)
Ord(577)
Ord(581)
Ord(306)
Ord(631)
Ord(557)
EVENT_SINK_QueryInterface
Ord(648)
Ord(516)
Ord(320)
Ord(607)
Ord(617)
Ord(681)
Ord(576)
Ord(717)
Ord(600)
Ord(307)
DllFunctionCall
Zombie_GetTypeInfoCount
Ord(608)
Ord(556)
Ord(522)
Ord(571)
Ord(319)
Ord(321)
Ord(102)
Ord(711)
Ord(606)
Ord(530)
EVENT_SINK_Release
Ord(610)
Ord(579)
Ord(103)
Ord(533)
Ord(592)
EVENT_SINK_GetIDsOfNames
Ord(647)
Ord(538)
Ord(578)
Ord(542)
Zombie_GetTypeInfo
Ord(101)
Ord(520)
Ord(531)
Ord(660)
Ord(532)
Ord(104)
EVENT_SINK2_AddRef
Ord(303)
Ord(528)
Ord(553)
Ord(619)
Ord(563)
Ord(535)
Ord(560)
Ord(685)
EVENT_SINK_AddRef
Ord(105)
Ord(712)
Ord(300)
Ord(591)
Ord(632)
MethCallEngine
Ord(645)
Ord(519)
Ord(561)
Ord(309)
Ord(526)
ProcCallEngine
Ord(597)
Ord(612)
Ord(587)
Ord(573)
Ord(529)
Ord(613)
__vbaExceptHandler
Ord(644)
EVENT_SINK2_Release
Ord(598)
Ord(545)
PE exports
Number of PE resources by type
TYPELIB 1
RT_VERSION 1
_IID_CCONFIG 1
Number of PE resources by language
NEUTRAL 2
ENGLISH US 1
PE resources
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
6.0

ImageVersion
1.1

FileSubtype
0

FileVersionNumber
1.1.0.3

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

CharacterSet
Unicode

InitializedDataSize
36864

FileOS
Win32

MIMEType
application/octet-stream

FileVersion
1.01.0003

TimeStamp
2012:06:14 14:54:48+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
CTMConfig

FileAccessDate
2014:08:12 11:04:09+01:00

ProductVersion
1.01.0003

SubsystemVersion
4.0

OSVersion
4.0

FileCreateDate
2014:08:12 11:04:09+01:00

OriginalFilename
CTMConfig.dll

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
CTM

CodeSize
475136

ProductName
CTMConfig

ProductVersionNumber
1.1.0.3

EntryPoint
0x1388

ObjectFileType
Dynamic link library

File identification
MD5 28ae028dcfd9b9a7f0b632975ae62ffc
SHA1 e02df70233095ee5bb91b61c3cb054550b352835
SHA256 31037f807d31d7452bbec9e678469e0d1571be28ad31e288dd4bb137f8bc82c3
ssdeep
6144:c/bgs4Ub8YnXUpOYQitTCaHYKXZddDUEmIMrV2QcwcDyw:c/bgs+YnEcYQiVCIUt4pwWyw

imphash 59845d9ccfab3db1dc72009af682dd49
File size 488.0 KB ( 499712 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID Windows ActiveX control (47.5%)
Win32 Executable Microsoft Visual Basic 6 (33.5%)
Win32 Executable MS Visual C++ (generic) (12.7%)
Win32 Dynamic Link Library (generic) (2.6%)
Win32 Executable (generic) (1.8%)
Tags
pedll

VirusTotal metadata
First submission 2014-07-15 08:17:26 UTC ( 4 years, 8 months ago )
Last submission 2014-07-15 08:17:26 UTC ( 4 years, 8 months ago )
File names CTMConfig
CTMConfig.dll
ctmconfig.dll
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!