× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 44b790cee08d38bdbe09c496bc1574a156e48aa40ca5c0d7d4fee94778ca84c8
File name: eguiSmonLang.dll
Detection ratio: 0 / 55
Analysis date: 2015-01-12 22:25:43 UTC ( 3 years, 10 months ago )
Antivirus Result Update
Ad-Aware 20150124
Yandex 20150124
AhnLab-V3 20150124
Alibaba 20150120
ALYac 20150124
Antiy-AVL 20150124
Avast 20150124
AVG 20150124
Avira (no cloud) 20150124
AVware 20150124
Baidu-International 20150124
BitDefender 20150124
Bkav 20150124
ByteHero 20150124
CAT-QuickHeal 20150124
ClamAV 20150124
CMC 20150124
Comodo 20150124
Cyren 20150124
DrWeb 20150124
Emsisoft 20150124
ESET-NOD32 20150124
F-Prot 20150124
F-Secure 20150124
Fortinet 20150124
GData 20150124
Ikarus 20150124
Jiangmin 20150124
K7AntiVirus 20150124
Kaspersky 20150124
Kingsoft 20150124
Malwarebytes 20150124
McAfee 20150124
McAfee-GW-Edition 20150124
Microsoft 20150124
eScan 20150124
NANO-Antivirus 20150124
Norman 20150123
nProtect 20150123
Panda 20150124
Qihoo-360 20150124
Rising 20150123
Sophos AV 20150124
SUPERAntiSpyware 20150124
Symantec 20150124
Tencent 20150124
TheHacker 20150123
TotalDefense 20150124
TrendMicro 20150124
TrendMicro-HouseCall 20150124
VBA32 20150123
VIPRE 20150124
ViRobot 20150124
Zillya 20150124
Zoner 20150123
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
Copyright (c) ESET, spol. s r.o. 1992-2013. All rights reserved.

Publisher ESET
Product ESET Smart Security
Original name eguiSmonLang.dll
Internal name eguiSmonLang.dll
File version 6.0.308.0
Description ESET Antispam GUI
Signature verification Signed file, verified signature
Signing date 1:09 PM 12/21/2012
Signers
[+] ESET
Status Certificate out of its validity period
Issuer None
Valid from 1:00 AM 5/6/2010
Valid to 12:59 AM 6/13/2013
Valid usage Code Signing
Algorithm SHA1
Thumbprint 11D4DADFAE3C289DC80C48991F7D67570A7063EE
Serial number 4C 61 AD DA E2 E6 A4 FC 5E 52 A2 F8 CD 38 E3 83
[+] VeriSign Class 3 Code Signing 2009-2 CA
Status Valid
Issuer None
Valid from 1:00 AM 5/21/2009
Valid to 12:59 AM 5/21/2019
Valid usage Client Auth, Code Signing
Algorithm SHA1
Thumbprint 12D4872BC3EF019E7E0B6F132480AE29DB5B1CA3
Serial number 65 52 26 E1 B2 2E 18 E1 59 0F 29 85 AC 22 E7 5C
[+] VeriSign Class 3 Public Primary Certification Authority (PCA3 G1 SHA1)
Status Valid
Issuer None
Valid from 1:00 AM 1/29/1996
Valid to 12:59 AM 8/3/2028
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm SHA1
Thumbprint A1DB6393916F17E4185509400415C70240B0AE6B
Serial number 3C 91 31 CB 1F F6 D0 1B 0E 9A B8 D0 44 BF 12 BE
Counter signers
[+] Symantec Time Stamping Services Signer - G3
Status Certificate out of its validity period
Issuer None
Valid from 1:00 AM 5/1/2012
Valid to 12:59 AM 12/3/2013
Valid usage Timestamp Signing
Algorithm SHA1
Thumbrint 23C4271D605CB2787A3A85D90282852D7B6B9981
Serial number 22 D8 78 BD 5F 56 04 31 89 22 60 A2 E8 8C D3 50
[+] VeriSign Time Stamping Services CA
Status Certificate out of its validity period
Issuer None
Valid from 1:00 AM 12/4/2003
Valid to 12:59 AM 12/4/2013
Valid usage Timestamp Signing
Algorithm SHA1
Thumbrint F46AC0C6EFBB8C6A14F55F09E2D37DF4C0DE012D
Serial number 47 BF 19 95 DF 8D 52 46 43 F7 DB 6D 48 0D 31 A4
[+] Thawte Timestamping CA
Status Valid
Issuer None
Valid from 1:00 AM 1/1/1997
Valid to 12:59 AM 1/1/2021
Valid usage Timestamp Signing
Algorithm MD5
Thumbrint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-12-21 12:00:58
Entry Point 0x00016A2E
Number of sections 5
PE sections
PE imports
RegDeleteKeyW
RegEnumKeyW
SetDIBits
GetCurrentObject
DeleteDC
SelectObject
CreateSolidBrush
GetDIBits
GetObjectW
BitBlt
CreateCompatibleDC
DeleteObject
CreateCompatibleBitmap
GetLastError
EnterCriticalSection
LoadLibraryW
GetVersionExW
FreeLibrary
QueryPerformanceCounter
GetTickCount
GetFileAttributesW
lstrlenW
DeleteCriticalSection
GetCurrentProcess
SystemTimeToFileTime
LocalAlloc
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
WaitForMultipleObjects
InterlockedCompareExchange
lstrcpynW
SetEndOfFile
WideCharToMultiByte
GetModuleFileNameW
SetFilePointer
ReadFile
InterlockedExchange
SetUnhandledExceptionFilter
WriteFile
InterlockedIncrement
ResetEvent
GetSystemTimeAsFileTime
GetModuleHandleW
SetEvent
LocalFree
TerminateProcess
InitializeCriticalSection
LocalFileTimeToFileTime
InterlockedDecrement
Sleep
GetFullPathNameW
GetCurrentThreadId
GetProcAddress
GetCurrentProcessId
SetLastError
LeaveCriticalSection
Ord(1925)
Ord(2648)
Ord(2531)
Ord(2260)
Ord(266)
Ord(3635)
Ord(371)
Ord(2651)
Ord(6273)
Ord(925)
Ord(3998)
Ord(314)
Ord(5226)
Ord(1513)
Ord(1542)
Ord(6282)
Ord(3990)
Ord(1894)
Ord(1162)
Ord(4255)
Ord(3157)
Ord(1274)
Ord(3677)
Ord(3796)
Ord(2925)
Ord(6215)
Ord(2392)
Ord(5579)
Ord(5220)
Ord(1236)
Ord(1646)
Ord(577)
Ord(5196)
Ord(581)
Ord(6063)
Ord(1883)
Ord(4100)
Ord(753)
Ord(5327)
Ord(2388)
Ord(931)
Ord(5562)
Ord(2409)
Ord(3800)
Ord(5316)
Ord(2169)
Ord(1908)
Ord(1252)
Ord(1200)
Ord(2381)
Ord(1899)
Ord(1067)
Ord(2085)
Ord(605)
Ord(1168)
Ord(4716)
Ord(607)
Ord(776)
Ord(356)
Ord(2011)
Ord(1647)
Ord(6271)
Ord(4179)
Ord(1176)
Ord(5199)
Ord(5067)
Ord(757)
Ord(1784)
Ord(1608)
Ord(899)
Ord(6014)
Ord(2386)
Ord(4480)
Ord(1005)
Ord(6293)
Ord(2365)
Ord(5178)
Ord(1087)
Ord(5222)
Ord(359)
Ord(5096)
Ord(2379)
Ord(2725)
Ord(5956)
Ord(2534)
Ord(1235)
Ord(3327)
Ord(5229)
Ord(1199)
Ord(1271)
Ord(4320)
Ord(3176)
Ord(2708)
Ord(2394)
Ord(6720)
Ord(1007)
Ord(2638)
Ord(3943)
Ord(4884)
Ord(1197)
Ord(1178)
Ord(1911)
Ord(3238)
Ord(1079)
Ord(3824)
Ord(2402)
Ord(4729)
Ord(2366)
Ord(2856)
Ord(5908)
Ord(774)
Ord(282)
Ord(3339)
Ord(293)
Ord(1611)
Ord(920)
Ord(4008)
Ord(566)
Ord(3249)
Ord(1170)
Ord(6751)
Ord(563)
Ord(2397)
Ord(1661)
Ord(265)
Ord(1662)
Ord(3942)
Ord(2384)
Ord(1053)
Ord(4475)
Ord(6274)
Ord(1479)
Ord(2640)
Ord(2155)
Ord(2054)
Ord(762)
Ord(1118)
Ord(3703)
Ord(6275)
Ord(4256)
Ord(4026)
Ord(5171)
Ord(3826)
Ord(3712)
Ord(4276)
Ord(5148)
Ord(929)
Ord(1392)
Ord(2009)
Ord(4206)
Ord(4238)
Ord(4562)
Ord(2527)
Ord(1946)
Ord(1590)
Ord(4961)
Ord(764)
Ord(927)
Ord(2163)
Ord(4574)
Ord(5231)
Ord(6232)
Ord(2311)
Ord(1251)
Ord(1033)
Ord(2399)
Ord(2461)
Ord(4301)
Ord(4094)
Ord(1115)
Ord(1172)
Ord(3713)
Ord(896)
Ord(2404)
Ord(1093)
Ord(2942)
Ord(2390)
Ord(3940)
Ord(1192)
Ord(6700)
Ord(1058)
Ord(1591)
Ord(765)
Ord(6272)
Ord(1955)
Ord(3397)
Ord(315)
Ord(2310)
Ord(4032)
Ord(2829)
Ord(3204)
Ord(4314)
Ord(5209)
Ord(2832)
Ord(5378)
Ord(860)
Ord(1353)
Ord(2407)
_malloc_crt
_purecall
malloc
realloc
memset
wcschr
__dllonexit
__RTDynamicCast
wcsncpy_s
_wcsicmp
wcscpy_s
towupper
__clean_type_info_names_internal
_amsg_exit
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_lock
qsort
_onexit
_encode_pointer
wcscat_s
_decode_pointer
_crt_debugger_hook
_CxxThrowException
memmove_s
_unlock
_wcsnicmp
_adjust_fdiv
free
__CxxFrameHandler3
_except_handler4_common
wcsncmp
memcpy
_vsnwprintf_s
memcpy_s
_initterm_e
memmove
wcsrchr
_encoded_null
__CppXcptFilter
wcsstr
_initterm
SHGetMalloc
SHGetDesktopFolder
RegisterWindowMessageW
GetParent
ShowWindow
LoadMenuW
RemoveMenu
EnableMenuItem
IsWindow
PeekMessageW
GetWindowRect
EnableWindow
TranslateMessage
PostMessageW
DispatchMessageW
SendMessageW
SetMenuDefaultItem
GetNextDlgTabItem
ClientToScreen
SetRect
InvalidateRect
GetSubMenu
MsgWaitForMultipleObjects
SetForegroundWindow
PE exports
Number of PE resources by type
RT_STRING 8
RT_DIALOG 3
RT_MANIFEST 1
RT_MENU 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 14
PE resources
ExifTool file metadata
LegalTrademarks
NOD, NOD32, AMON, ESET are registered trademarks of ESET.

FileDescription
ESET Antispam GUI

InitializedDataSize
81920

ImageVersion
0.0

ProductName
ESET Smart Security

FileVersionNumber
6.0.308.0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Windows, Latin1

LinkerVersion
8.0

OriginalFilename
eguiSmonLang.dll

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
6.0.308.0

TimeStamp
2012:12:21 13:00:58+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
eguiSmonLang.dll

SubsystemVersion
4.0

FileAccessDate
2015:01:24 22:48:55+01:00

ProductVersion
6.0.308.0

UninitializedDataSize
0

OSVersion
4.0

FileCreateDate
2015:01:24 22:48:55+01:00

FileOS
Win32

LegalCopyright
Copyright (c) ESET, spol. s r.o. 1992-2013. All rights reserved.

MachineType
Intel 386 or later, and compatibles

CompanyName
ESET

CodeSize
98304

FileSubtype
0

ProductVersionNumber
6.0.308.0

EntryPoint
0x16a2e

ObjectFileType
Executable application

Compressed bundles
File identification
MD5 fe1626b36d3ad449ac3a949cfd67949b
SHA1 4d6e5ac9ccf6e771a8c2bbdeb22dcb1d640464d5
SHA256 44b790cee08d38bdbe09c496bc1574a156e48aa40ca5c0d7d4fee94778ca84c8
ssdeep
3072:7GQ+qiogYWCLSRLo5ZgD8p/XfHJ2sXPBBOj4EhrLggwRNXCpZINKx/I:7QOIsC8FfHBBOj4AVZw

authentihash 05b69c8ebc64021dd1c02b1e10eacbf2faed3a3ab63d3e012812ea429d8a511d
imphash 63d2082ea62af64aee46c969a5d0dd4e
File size 187.7 KB ( 192184 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags
pedll signed

VirusTotal metadata
First submission 2014-12-29 20:20:21 UTC ( 3 years, 10 months ago )
Last submission 2014-12-29 20:20:21 UTC ( 3 years, 10 months ago )
File names eguiSmon.dll
eguiSmonLang.dll
eguiSmon.dll
eguiSmon.dll
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!