× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 463e45d4933a18ac2ca92f0e61fd0b49e4904023eb578ff5d90371c6167b7e3c
File name: dpeventmsg.dll.D93E5A59_DC16_41F7_9E63_BD32EA94FCE9
Detection ratio: 0 / 46
Analysis date: 2013-04-25 06:20:10 UTC ( 5 years, 6 months ago )
Antivirus Result Update
Yandex 20130424
AhnLab-V3 20130424
AntiVir 20130425
Antiy-AVL 20130425
Avast 20130425
AVG 20130425
BitDefender 20130425
ByteHero 20130418
CAT-QuickHeal 20130425
ClamAV 20130425
Commtouch 20130425
Comodo 20130425
DrWeb 20130425
Emsisoft 20130425
eSafe 20130423
ESET-NOD32 20130424
F-Prot 20130425
F-Secure 20130425
Fortinet 20130425
GData 20130425
Ikarus 20130425
Jiangmin 20130425
K7AntiVirus 20130424
K7GW 20130424
Kaspersky 20130425
Kingsoft 20130422
Malwarebytes 20130425
McAfee 20130425
McAfee-GW-Edition 20130425
Microsoft 20130425
eScan 20130425
NANO-Antivirus 20130424
Norman 20130424
nProtect 20130425
Panda 20130424
PCTools 20130425
Sophos AV 20130425
SUPERAntiSpyware 20130425
Symantec 20130425
TheHacker 20130424
TotalDefense 20130424
TrendMicro 20130425
TrendMicro-HouseCall 20130425
VBA32 20130424
VIPRE 20130425
ViRobot 20130425
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
Copyright (c) DigitalPersona, Inc. 1996-2010

Publisher DigitalPersona, Inc.
Product HP ProtectTools Security Manager
Original name DPEventMsg.DLL
Internal name DPEventMsg
File version 5.1.1.935
Description Message Collection
Signing date 10:54 PM 12/29/2010
PE header basic information
Target machine x64
Compilation timestamp 2010-12-29 21:38:12
Entry Point 0x0000DC28
Number of sections 6
PE sections
PE imports
RegCreateKeyExW
RegEnumValueW
RegCloseKey
RegSetValueExW
RegQueryValueExA
RegEnumKeyExW
RegOpenKeyExW
RegEnumKeyA
RegDeleteKeyW
RegOpenKeyExA
RegQueryValueExW
GetStdHandle
GetConsoleOutputCP
HeapDestroy
EncodePointer
FlsGetValue
FlsSetValue
GetLocalTime
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
FreeEnvironmentStringsW
SetStdHandle
GetCPInfo
GetStringTypeA
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
GetOEMCP
LocalFree
InitializeCriticalSection
LoadResource
FindClose
SetLastError
GetModuleFileNameW
IsDebuggerPresent
ExitProcess
GetVersionExA
GetModuleFileNameA
HeapSetInformation
RtlVirtualUnwind
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
SetUnhandledExceptionFilter
DecodePointer
TerminateProcess
WriteConsoleA
VirtualQuery
GetCurrentThreadId
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
LoadLibraryW
GetVersionExW
FreeLibrary
QueryPerformanceCounter
GetTickCount
VirtualProtect
FlushFileBuffers
LoadLibraryA
GetStartupInfoA
RtlPcToFileHeader
GetFileSize
CreateDirectoryW
GetProcAddress
GetProcessHeap
RtlLookupFunctionEntry
GetComputerNameA
FindFirstFileW
RtlUnwindEx
CreateFileW
GetFileType
CreateFileA
HeapAlloc
LeaveCriticalSection
GetLastError
LCMapStringW
GetSystemInfo
GetConsoleCP
FindResourceW
LCMapStringA
GetEnvironmentStringsW
lstrlenW
SizeofResource
GetCurrentProcessId
LockResource
ProcessIdToSessionId
WideCharToMultiByte
HeapSize
FlsAlloc
GetCommandLineA
FlsFree
RaiseException
SetFilePointer
ReadFile
RtlCaptureContext
CloseHandle
GetACP
GetModuleHandleW
GetEnvironmentStrings
IsValidCodePage
HeapCreate
FindResourceExW
Sleep
VirtualAlloc
Ord(4)
Ord(6)
PathAppendW
PE exports
Number of PE resources by type
RT_MESSAGETABLE 25
RT_STRING 5
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 8
SWEDISH 1
PORTUGUESE 1
CZECH DEFAULT 1
FRENCH 1
CHINESE SIMPLIFIED 1
SLOVENIAN DEFAULT 1
DUTCH 1
ITALIAN 1
NORWEGIAN BOKMAL 1
FINNISH DEFAULT 1
PORTUGUESE BRAZILIAN 1
KOREAN 1
HUNGARIAN DEFAULT 1
GERMAN 1
BULGARIAN DEFAULT 1
POLISH DEFAULT 1
JAPANESE DEFAULT 1
DANISH DEFAULT 1
GREEK DEFAULT 1
TURKISH DEFAULT 1
CHINESE TRADITIONAL 1
SPANISH MODERN 1
ROMANIAN 1
RUSSIAN 1
PE resources
ExifTool file metadata
CodeSize
114176

SubsystemVersion
5.2

LinkerVersion
9.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
5.1.1.935

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
Message Collection

CharacterSet
Windows, Latin1

InitializedDataSize
630784

OriginalFileName
DPEventMsg.DLL

MIMEType
application/octet-stream

LegalCopyright
Copyright DigitalPersona, Inc. 1996-2010

FileVersion
5.1.1.935

TimeStamp
2010:12:29 22:38:12+01:00

FileType
Win64 DLL

PEType
PE32+

InternalName
DPEventMsg

FileAccessDate
2013:04:25 07:26:10+01:00

ProductVersion
5.1.1.935

UninitializedDataSize
0

OSVersion
5.2

FileCreateDate
2013:04:25 07:26:10+01:00

FileOS
Win32

Subsystem
Windows GUI

MachineType
AMD AMD64

CompanyName
DigitalPersona, Inc.

LegalTrademarks
DigitalPersona

ProductName
HP ProtectTools Security Manager

ProductVersionNumber
5.1.1.935

EntryPoint
0xdc28

ObjectFileType
Dynamic link library

Compressed bundles
File identification
MD5 d79a5b0cd7766297e0164317cb676a86
SHA1 506a3dca1c51c6f971b9ff4247ee727ed868312d
SHA256 463e45d4933a18ac2ca92f0e61fd0b49e4904023eb578ff5d90371c6167b7e3c
ssdeep
6144:/Mjad23YIwrroLF/KBwvJUWvwAiKmXVITVjOBzHyLf:A3HhLtK2xiKUITVeHyLf

File size 733.8 KB ( 751440 bytes )
File type Win32 DLL
Magic literal
PE32+ executable for MS Windows (DLL) (GUI) Mono/.Net assembly

TrID Generic Win/DOS Executable (49.9%)
DOS Executable Generic (49.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
Tags
assembly pedll signed

VirusTotal metadata
First submission 2013-04-25 06:20:10 UTC ( 5 years, 6 months ago )
Last submission 2013-04-25 06:20:10 UTC ( 5 years, 6 months ago )
File names D79A5B0CD7766297E0164317CB676A86
DPEventMsg.DLL
DPEventMsg.dll
DPEventMsg
dpeventmsg.dll.D93E5A59_DC16_41F7_9E63_BD32EA94FCE9
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!