SHA256: 344492f9c9764afd28478073f7d7057c140b28b4d00bc6b8b4ac37d6727de101
File name: DGisNotesDll
Detection ratio: 0 / 48
Analysis date: 2013-10-13 03:00:08 UTC ( 5 years, 6 months ago )
Antivirus Result Update
Yandex 20131012
AhnLab-V3 20131012
AntiVir 20131012
Antiy-AVL 20131012
Avast 20131013
AVG 20131012
Baidu-International 20131012
BitDefender 20131012
Bkav 20131012
ByteHero 20130919
CAT-QuickHeal 20131011
ClamAV 20131012
Commtouch 20131012
Comodo 20131013
DrWeb 20131013
Emsisoft 20131013
ESET-NOD32 20131012
F-Prot 20131013
F-Secure 20131013
Fortinet 20131013
GData 20131013
Ikarus 20131012
Jiangmin 20131012
K7AntiVirus 20131011
K7GW 20131011
Kaspersky 20131012
Kingsoft 20130829
Malwarebytes 20131013
McAfee 20131013
McAfee-GW-Edition 20131012
Microsoft 20131013
eScan 20131012
NANO-Antivirus 20131013
Norman 20131012
nProtect 20131011
Panda 20131012
PCTools 20131002
Rising 20131012
Sophos AV 20131012
SUPERAntiSpyware 20131012
Symantec 20131013
TheHacker 20131011
TotalDefense 20131011
TrendMicro 20131013
TrendMicro-HouseCall 20131013
VBA32 20131011
VIPRE 20131013
ViRobot 20131012
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
© ??? «????????», 2008-2012

Publisher DoubleGIS
Product ?????? ???????
Version 3,0,3,0
Original name DGisNotes.dll
Internal name DGisNotes
File version 3,0,3,809
Description ?
Signature verification Signed file, verified signature
Signing date 8:53 AM 4/30/2013
Signers
[+] DoubleGIS
Status Certificate out of its validity period
Issuer None
Valid from 1:00 AM 9/20/2012
Valid to 12:59 AM 9/20/2013
Valid usage Code Signing
Algorithm SHA1
Thumbprint 9284A07991AA28C1B71C5A8BA4DE9490EA300D08
Serial number 57 CA ED 3F B1 8B 78 87 9A F9 7F 85 6C AB CC C3
[+] VeriSign Class 3 Code Signing 2010 CA
Status Valid
Issuer None
Valid from 1:00 AM 2/8/2010
Valid to 12:59 AM 2/8/2020
Valid usage Client Auth, Code Signing
Algorithm SHA1
Thumbprint 495847A93187CFB8C71F840CB7B41497AD95C64F
Serial number 52 00 E5 AA 25 56 FC 1A 86 ED 96 C9 D4 4B 33 C7
[+] VeriSign
Status Valid
Issuer None
Valid from 1:00 AM 11/8/2006
Valid to 12:59 AM 7/17/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm SHA1
Thumbprint 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
Serial number 18 DA D1 9E 26 7D E8 BB 4A 21 58 CD CC 6B 3B 4A
Counter signers
[+] Symantec Time Stamping Services Signer - G4
Status Valid
Issuer None
Valid from 1:00 AM 10/18/2012
Valid to 12:59 AM 12/30/2020
Valid usage Timestamp Signing
Algorithm SHA1
Thumbprint 65439929B67973EB192D6FF243E6767ADF0834E4
Serial number 0E CF F4 38 C8 FE BF 35 6E 04 D8 6A 98 1B 1A 50
[+] Symantec Time Stamping Services CA - G2
Status Valid
Issuer None
Valid from 1:00 AM 12/21/2012
Valid to 12:59 AM 12/31/2020
Valid usage Timestamp Signing
Algorithm SHA1
Thumbprint 6C07453FFDDA08B83707C09B82FB3D15F35336B1
Serial number 7E 93 EB FB 7C C6 4E 59 EA 4B 9A 77 D4 06 FC 3B
[+] Thawte Timestamping CA
Status Valid
Issuer None
Valid from 1:00 AM 1/1/1997
Valid to 12:59 AM 1/1/2021
Valid usage Timestamp Signing
Algorithm MD5
Thumbprint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-04-30 07:53:11
Entry Point 0x000875C7
Number of sections 5
PE sections
PE imports
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
ImageList_Draw
ImageList_LoadImageW
ImageList_Destroy
GetSaveFileNameW
GetOpenFileNameW
GetDeviceCaps
DeleteDC
SetBkMode
SelectObject
GetStockObject
CreateSolidBrush
GetObjectW
BitBlt
CreateCompatibleDC
DeleteObject
CreateCompatibleBitmap
SetTextColor
GetStdHandle
GetConsoleOutputCP
HeapDestroy
GetFileAttributesW
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
FreeEnvironmentStringsW
GetLocaleInfoW
SetStdHandle
GetCPInfo
GetStringTypeA
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
InitializeCriticalSection
LoadResource
GlobalHandle
TlsGetValue
SetLastError
GetModuleFileNameW
IsDebuggerPresent
ExitProcess
GetModuleFileNameA
EnumSystemLocalesA
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
FlushInstructionCache
GetModuleHandleA
SetUnhandledExceptionFilter
MulDiv
IsProcessorFeaturePresent
SetEnvironmentVariableA
TerminateProcess
WriteConsoleA
GlobalAlloc
SetEndOfFile
GetCurrentThreadId
GetProcAddress
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
GetVersionExW
GetOEMCP
QueryPerformanceCounter
GetTickCount
TlsAlloc
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetStartupInfoA
GetFileSize
CreateDirectoryW
GetUserDefaultLCID
GetProcessHeap
CompareStringW
InterlockedIncrement
CompareStringA
CreateFileMappingA
IsValidLocale
lstrcmpW
GlobalLock
CreateFileW
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
LeaveCriticalSection
GetLastError
LCMapStringW
HeapCreate
lstrlenA
GlobalFree
GetConsoleCP
FindResourceW
LCMapStringA
GetThreadLocale
GetEnvironmentStringsW
GlobalUnlock
lstrlenW
SizeofResource
GetCurrentProcessId
LockResource
WideCharToMultiByte
HeapSize
GetCommandLineA
InterlockedCompareExchange
RaiseException
MapViewOfFile
TlsFree
SetFilePointer
ReadFile
CloseHandle
GetACP
GetModuleHandleW
GetEnvironmentStrings
IsValidCodePage
UnmapViewOfFile
FindResourceExW
VirtualFree
Sleep
VirtualAlloc
Ord(161)
Ord(24)
Ord(12)
Ord(149)
Ord(22)
Ord(23)
Ord(8)
Ord(21)
Ord(200)
Ord(6)
Ord(16)
Ord(7)
Ord(162)
Ord(4)
Ord(15)
Ord(150)
Ord(420)
Ord(185)
Ord(2)
Ord(9)
SHGetFolderPathW
StrCmpW
SetFocus
RegisterWindowMessageW
GetClassInfoExW
MapDialogRect
RedrawWindow
GetWindow
EndDialog
BeginPaint
DefWindowProcW
MoveWindow
GetParent
DestroyAcceleratorTable
ScreenToClient
SetWindowPos
EndPaint
GetDesktopWindow
SetWindowLongW
IsWindow
GetWindowRect
RegisterClassExW
SetCapture
ReleaseCapture
DialogBoxParamW
GetFocus
GetSysColor
SetDlgItemTextW
GetDC
GetCursorPos
ReleaseDC
SendMessageW
UnregisterClassA
DestroyWindow
SetWindowTextW
SetWindowContextHelpId
GetDlgItem
DrawTextW
MessageBoxW
GetClientRect
ClientToScreen
InvalidateRect
CallWindowProcW
GetClassNameW
GetActiveWindow
DialogBoxIndirectParamW
FillRect
CreateAcceleratorTableW
GetWindowTextW
GetSysColorBrush
LoadCursorW
GetCursor
GetWindowTextLengthW
CreateWindowExW
GetWindowLongW
InvalidateRgn
CharNextW
IsChild
SetCursor
CreateStreamOnHGlobal
OleLockRunning
CLSIDFromProgID
OleInitialize
CoCreateInstance
OleUninitialize
CoTaskMemAlloc
CLSIDFromString
StringFromGUID2
CoGetClassObject
PE exports
Number of PE resources by type
RT_STRING 21
PNG 18
RT_ICON 7
RT_GROUP_ICON 7
RT_DIALOG 4
RT_MANIFEST 1
RT_BITMAP 1
RT_VERSION 1
Number of PE resources by language
RUSSIAN 44
ENGLISH US 8
ITALIAN 7
NEUTRAL 1
PE resources
ExifTool file metadata
UninitializedDataSize 0
LinkerVersion 9.0
ImageVersion 0.0
FileVersionNumber 3.0.3.809
LanguageCode Russian
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 456704
FileOS Win32
MIMEType application/octet-stream
LegalCopyright , 2008-2012
FileVersion 3,0,3,809
TimeStamp 2013:04:30 08:53:11+01:00
FileType Win32 DLL
PEType PE32
InternalName DGisNotes
FileAccessDate 2013:05:24 08:13:11+01:00
ProductVersion 3,0,3,0
SubsystemVersion 5.0
OSVersion 5.0
FileCreateDate 2013:05:24 08:13:11+01:00
OriginalFilename DGisNotes.dll
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CodeSize 680448
FileSubtype 0
ProductVersionNumber 3.0.3.0
EntryPoint 0x875c7
ObjectFileType Dynamic link library

File identification
MD5 b33acc26dfbc1b88e414c6839c95ddde
SHA1 c52b841ceef83c363a3bb5ea6930ef80c961e9c9
SHA256 344492f9c9764afd28478073f7d7057c140b28b4d00bc6b8b4ac37d6727de101
ssdeep 24576:v+4XYsyhu6twXYg1CaLN4gQwe+O60eCTh:rYsF4w2uN4gxe1heCTh

File size 1.1 MB ( 1144640 bytes )
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (78.5%)
Win32 Executable (generic) (11.3%)
Generic Win/DOS Executable (5.0%)
DOS Executable Generic (5.0%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags
signed pedll

VirusTotal metadata
First submission 2013-05-19 14:13:36 UTC ( 5 years, 11 months ago )
Last submission 2013-10-13 03:00:08 UTC ( 5 years, 6 months ago )
File names DGisNotes.dll
DGisNotes.dll
DGisNotes
344492f9c9764afd28478073f7d7057c140b28b4d00bc6b8b4ac37d6727de101
DGisNotesDll