SHA256: 490974f9bbca168dbb3e2ca6552a2701e18cb09f29232b12ce4dfe0aa7ff342c
File name: Carrier.dll
Detection ratio: 6 / 55
Analysis date: 2016-08-13 14:31:41 UTC ( 2 years, 6 months ago )
Antivirus Result Update
Avira (no cloud) TR/Dropper.Gen2 20160813
Bkav W32.eHeur.DTVirus 20160813
DrWeb BACKDOOR.Trojan 20160813
Kaspersky HEUR:Trojan.Win32.Generic 20160813
Qihoo-360 QVM26.1.Malware.Gen 20160813
Rising Malware.Generic!9IzQ7Zq2AeM@6 (Thunder) 20160813
Ad-Aware 20160813
AegisLab 20160813
AhnLab-V3 20160813
Alibaba 20160812
ALYac 20160813
Antiy-AVL 20160813
Arcabit 20160813
Avast 20160813
AVG 20160813
AVware 20160813
Baidu 20160813
BitDefender 20160813
CAT-QuickHeal 20160813
ClamAV 20160813
CMC 20160811
Comodo 20160813
Cyren 20160813
Emsisoft 20160813
ESET-NOD32 20160813
F-Prot 20160813
F-Secure 20160813
Fortinet 20160813
GData 20160813
Ikarus 20160813
Jiangmin 20160813
K7AntiVirus 20160813
K7GW 20160813
Kingsoft 20160813
Malwarebytes 20160813
McAfee 20160813
McAfee-GW-Edition 20160813
Microsoft 20160813
eScan 20160813
NANO-Antivirus 20160813
nProtect 20160812
Panda 20160813
Sophos AV 20160813
SUPERAntiSpyware 20160813
Symantec 20160813
Tencent 20160813
TheHacker 20160812
TrendMicro 20160813
TrendMicro-HouseCall 20160813
VBA32 20160812
VIPRE 20160813
ViRobot 20160813
Yandex 20160812
Zillya 20160812
Zoner 20160813
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-02-08 08:14:14
Entry Point 0x00002F01
Number of sections 5
PE sections
Overlays
MD5 af2acaee4c5526f5aaef5d551adeb18f
File type data
Offset 61952
Size 89528
Entropy 5.87
PE imports
RegDeleteKeyA
CloseServiceHandle
RegCloseKey
StartServiceCtrlDispatcherA
OpenServiceA
SetServiceStatus
CreateServiceA
FreeSid
RegQueryValueExA
AllocateAndInitializeSid
CheckTokenMembership
RegSetValueExA
StartServiceA
RegCreateKeyExA
RegOpenKeyExA
OpenSCManagerA
RegisterServiceCtrlHandlerA
GetLastError
InterlockedDecrement
HeapFree
GetStdHandle
EnterCriticalSection
WriteProcessMemory
VirtualAllocEx
GetConsoleCP
HeapDestroy
QueryPerformanceCounter
CopyFileA
ExitProcess
TlsAlloc
GetVersionExA
GetEnvironmentStringsW
FlushFileBuffers
GetModuleFileNameA
RtlUnwind
LoadLibraryA
CreateRemoteThread
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetEnvironmentStrings
GetConsoleMode
GetLocaleInfoA
GetCurrentProcessId
GetConsoleOutputCP
OpenProcess
WriteConsoleW
LCMapStringA
GetCPInfo
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
HeapSize
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetCommandLineA
GetProcAddress
GetStringTypeA
SetStdHandle
LCMapStringW
SetFilePointer
HeapAlloc
WideCharToMultiByte
TlsFree
FreeEnvironmentStringsW
CreateDirectoryExA
WriteFile
GetStartupInfoA
CloseHandle
GetSystemTimeAsFileTime
GetACP
HeapReAlloc
GetStringTypeW
GetModuleHandleW
GetOEMCP
TerminateProcess
CreateProcessA
SetUnhandledExceptionFilter
WriteConsoleA
IsValidCodePage
HeapCreate
VirtualFree
IsDebuggerPresent
Sleep
GetFileType
TlsSetValue
CreateFileA
GetTickCount
GetCurrentThreadId
LeaveCriticalSection
VirtualAlloc
SetLastError
InterlockedIncrement
GetModuleFileNameExA
EnumProcesses
SHGetFolderPathA
FindWindowA
PE exports
Number of PE resources by type
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
File identification
MD5 bc05977b3f543ac1388c821274cbd22e
SHA1 7211275a6f9366c1c2e1a1bb35cdc0714dec169a
SHA256 490974f9bbca168dbb3e2ca6552a2701e18cb09f29232b12ce4dfe0aa7ff342c
ssdeep
1536:Os9ZN2kC3ZEdhsr8PMtasJvp5JHWlTEaQtvzE/pgTIF1V5i+:OWxdMtasJvp5JHWpLF1V5i+

authentihash a6782eb279d1495adfc6f444347f11cb0c252ba5bf5f0614394fe6e57e86b931
imphash 2be91cb315ada331b1b197e2cd9312c9
File size 147.9 KB ( 151480 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.5%)
Tags
pedll overlay

VirusTotal metadata
First submission 2016-08-13 14:31:41 UTC ( 2 years, 6 months ago )
Last submission 2016-08-22 22:39:48 UTC ( 2 years, 6 months ago )
File names Carrier.dll
bc05977b3f543ac1388c821274cbd22e