× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 3795eddfb373a0a7b602348b71123c0994efbca6789cbd1efd35a15d02c1a4d7
File name: node
Detection ratio: 0 / 66
Analysis date: 2018-03-09 14:04:29 UTC ( 1 year ago )
Antivirus Result Update
Ad-Aware 20180309
AegisLab 20180309
AhnLab-V3 20180309
Alibaba 20180309
ALYac 20180309
Antiy-AVL 20180309
Arcabit 20180309
Avast 20180309
Avast-Mobile 20180309
AVG 20180309
Avira (no cloud) 20180309
AVware 20180309
Baidu 20180309
BitDefender 20180309
Bkav 20180309
CAT-QuickHeal 20180309
ClamAV 20180309
CMC 20180309
Comodo 20180309
CrowdStrike Falcon (ML) 20170201
Cybereason 20180225
Cylance 20180309
Cyren 20180309
DrWeb 20180309
eGambit 20180309
Emsisoft 20180309
Endgame 20180308
ESET-NOD32 20180309
F-Prot 20180309
F-Secure 20180309
Fortinet 20180309
GData 20180309
Ikarus 20180309
Sophos ML 20180121
Jiangmin 20180309
K7AntiVirus 20180309
K7GW 20180309
Kaspersky 20180309
Kingsoft 20180309
Malwarebytes 20180309
MAX 20180309
McAfee 20180309
McAfee-GW-Edition 20180309
Microsoft 20180309
eScan 20180309
nProtect 20180309
Palo Alto Networks (Known Signatures) 20180309
Panda 20180309
Qihoo-360 20180309
Rising 20180309
SentinelOne (Static ML) 20180225
Sophos AV 20180309
SUPERAntiSpyware 20180309
Symantec 20180309
Symantec Mobile Insight 20180306
Tencent 20180309
TheHacker 20180307
TotalDefense 20180309
TrendMicro 20180309
TrendMicro-HouseCall 20180309
Trustlook 20180309
VBA32 20180307
VIPRE 20180309
ViRobot 20180309
Webroot 20180309
WhiteArmor 20180223
Yandex 20180308
Zillya 20180309
ZoneAlarm by Check Point 20180309
Zoner 20180309
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright Node.js contributors. MIT license.

Product Node.js
Original name node.exe
Internal name node
File version 6.1.0
Description Node.js: Server-side JavaScript
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-05-26 10:15:37
Entry Point 0x004453B1
Number of sections 7
PE sections
PE imports
SetSecurityDescriptorDacl
CryptReleaseContext
RegCloseKey
RegisterEventSourceW
OpenProcessToken
GetUserNameW
DeregisterEventSource
RegQueryValueExA
CryptGenRandom
RegOpenKeyExW
RegEnumKeyExW
CryptAcquireContextW
SystemFunction036
RegOpenKeyExA
ReportEventW
RegQueryValueExW
InitializeSecurityDescriptor
GetDeviceCaps
DeleteObject
GetDIBits
CreateCompatibleBitmap
GetObjectW
GetAdaptersAddresses
GetStdHandle
GetDriveTypeW
FileTimeToSystemTime
WaitForSingleObject
FindNextFileA
CreateJobObjectW
EncodePointer
SetFileTime
IsValidLocale
SetConsoleCursorPosition
GetFileAttributesW
SetInformationJobObject
SystemTimeToTzSpecificLocalTime
DeleteCriticalSection
GetCurrentProcess
OpenFileMappingW
GetConsoleMode
GetLocaleInfoA
FreeEnvironmentStringsW
GetConsoleCursorInfo
SetErrorMode
GetFileInformationByHandle
InitializeSListHead
GetThreadContext
GetLocaleInfoW
SetStdHandle
GetTempPathA
WideCharToMultiByte
WriteFile
GetSystemTimeAsFileTime
GetCommandLineA
GetThreadTimes
GlobalMemoryStatusEx
HeapReAlloc
GetStringTypeW
ResumeThread
GetFullPathNameA
SetEvent
LocalFree
FormatMessageW
IsWow64Process
GetThreadPriority
GetExitCodeProcess
FreeLibraryAndExitThread
InitializeCriticalSection
OutputDebugStringW
FindClose
TlsGetValue
FormatMessageA
GetFullPathNameW
QueueUserWorkItem
OutputDebugStringA
GetEnvironmentVariableW
SetLastError
ConnectNamedPipe
GetSystemTime
OpenThread
ReadConsoleInputA
GetModuleFileNameW
TryEnterCriticalSection
GetNumberOfConsoleInputEvents
HeapAlloc
ReadConsoleInputW
GetModuleFileNameA
FillConsoleOutputCharacterW
VerSetConditionMask
SetConsoleCtrlHandler
GetUserDefaultLCID
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
VerifyVersionInfoW
SetFilePointerEx
MoveFileExW
RegisterWaitForSingleObject
SetFileAttributesW
CreateSemaphoreA
CreateThread
SetEnvironmentVariableW
GetGeoInfoW
InterlockedFlushSList
SetNamedPipeHandleState
CreateSemaphoreW
IsProcessorFeaturePresent
ExitThread
SetHandleInformation
SetEnvironmentVariableA
GlobalMemoryStatus
CancelIo
GetModuleHandleExW
SetCurrentDirectoryW
CreateEventW
ReadConsoleW
GetCurrentThreadId
GetNumberFormatW
WriteConsoleW
CreateToolhelp32Snapshot
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
PeekNamedPipe
LoadLibraryW
DeviceIoControl
GetVersionExW
FreeLibrary
QueryPerformanceCounter
GetTickCount
SetConsoleTextAttribute
TlsAlloc
VirtualProtect
FlushFileBuffers
LoadLibraryA
RtlUnwind
WriteConsoleInputW
CreateRemoteThread
EnumSystemLocalesW
FlushConsoleInputBuffer
GetWindowsDirectoryW
DecodePointer
GetFileSize
OpenProcess
DeleteFileA
GetDateFormatW
GetStartupInfoW
CreateDirectoryW
GetProcAddress
GetConsoleScreenBufferInfo
FillConsoleOutputAttribute
GetProcessHeap
CreateFileMappingW
GetTimeFormatW
SetEndOfFile
WaitNamedPipeW
RemoveDirectoryW
ExpandEnvironmentStringsW
FindFirstFileExA
FindNextFileW
ResetEvent
GetTempFileNameA
FindFirstFileW
TerminateProcess
DuplicateHandle
FindFirstFileExW
WaitForMultipleObjects
GetNamedPipeHandleStateW
GetTimeZoneInformation
ReadDirectoryChangesW
CreateFileW
CreateEventA
IsDebuggerPresent
GetFileType
TlsSetValue
CreateFileA
ExitProcess
GetCurrencyFormatW
LeaveCriticalSection
GetLastError
IsValidCodePage
InterlockedPushEntrySList
SystemTimeToFileTime
LCMapStringW
GetShortPathNameW
UnmapViewOfFile
GetSystemInfo
GetConsoleCP
UnregisterWaitEx
AssignProcessToJobObject
GetProcessTimes
GetThreadLocale
GetEnvironmentStringsW
GetUserGeoID
CreateNamedPipeA
Process32NextW
CreateProcessW
GetQueuedCompletionStatus
WaitForSingleObjectEx
SwitchToThread
UnregisterWait
CompareStringW
CreateIoCompletionPort
GetConsoleTitleW
GetCommandLineW
HeapQueryInformation
GetCPInfo
HeapSize
RaiseException
SetConsoleCursorInfo
Process32FirstW
GetCurrentThread
SuspendThread
SetConsoleTitleW
QueryPerformanceFrequency
ReleaseSemaphore
MapViewOfFile
TlsFree
GetModuleHandleA
ReadFile
SetUnhandledExceptionFilter
CreateNamedPipeW
CloseHandle
PeekConsoleInputA
GetACP
GetModuleHandleW
GetFileAttributesExW
GetLongPathNameW
GetCurrentDirectoryW
SetConsoleMode
GetTempPathW
PostQueuedCompletionStatus
VirtualFree
Sleep
VirtualAlloc
GetCurrentProcessId
GetOEMCP
CreateHardLinkW
GetProcessMemoryInfo
ReleaseDC
GetProcessWindowStation
MessageBoxW
GetDC
GetUserObjectInformationW
GetUserProfileDirectoryW
timeGetTime
htonl
getsockname
WSARecvFrom
WSARecv
ioctlsocket
WSAStartup
WSASocketW
shutdown
WSADuplicateSocketW
htons
getpeername
select
gethostname
getsockopt
FreeAddrInfoW
recv
ntohl
inet_addr
send
WSASend
ntohs
WSAGetLastError
listen
__WSAFDIsSet
GetNameInfoW
WSASetLastError
closesocket
WSAIoctl
GetAddrInfoW
setsockopt
socket
bind
WSASendTo
recvfrom
connect
PE exports
Number of PE resources by type
RT_ICON 5
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 8
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
6.0

LinkerVersion
14.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
6.1.0.0

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
3868672

EntryPoint
0x4453b1

OriginalFileName
node.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright Node.js contributors. MIT license.

FileVersion
6.1.0

TimeStamp
2016:05:26 11:15:37+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
node

ProductVersion
6.1.0

FileDescription
Node.js: Server-side JavaScript

OSVersion
6.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Node.js

CodeSize
8843264

ProductName
Node.js

ProductVersionNumber
6.1.0.0

FileTypeExtension
dll

ObjectFileType
Executable application

File identification
MD5 f67989a55ef13525bdf9b1bb05889292
SHA1 26673ebca954759a8080facdfee4021bcb108e91
SHA256 3795eddfb373a0a7b602348b71123c0994efbca6789cbd1efd35a15d02c1a4d7
ssdeep
393216:TYXsXKs++uvUC+J7FjmPyC2s1qrfYFTAIR:TYhsBkOJ7FjmPn2s1qrQ1AI

authentihash 0bcafd81c19b195c2bbe24bfebc785df90edbd0542bf87d126ac28ac3e818311
imphash 1d9c678504ff8d72c3484ba700f45dbe
File size 12.0 MB ( 12613632 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID Win32 EXE PECompact compressed (generic) (79.7%)
Win32 Executable (generic) (8.6%)
OS/2 Executable (generic) (3.8%)
Generic Win/DOS Executable (3.8%)
DOS Executable Generic (3.8%)
Tags
pedll

VirusTotal metadata
First submission 2016-05-27 07:28:29 UTC ( 2 years, 9 months ago )
Last submission 2016-05-27 07:28:29 UTC ( 2 years, 9 months ago )
File names node
node.dll
node.dll
node.dll
node.dll
node.dll
node.dll
node.dll
node.dll
node.dll
node.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!