× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 55c5eb3818343cc657426c57faa427f34ba8ed199308d41346a7658e99291d7f
File name: Combat Arms Br ~Sr.Master~ .dll
Detection ratio: 3 / 43
Analysis date: 2012-02-20 05:24:35 UTC ( 7 years, 3 months ago ) View latest
Antivirus Result Update
ClamAV PUA.Packed.PECompact-1 20120210
Comodo TrojWare.Win32.Vapsup.DAA 20120210
eSafe Suspicious File 20120208
AhnLab-V3 20120210
AntiVir 20120210
Antiy-AVL 20120208
Avast 20120210
AVG 20120210
BitDefender 20120210
ByteHero 20120216
CAT-QuickHeal 20120210
Commtouch 20120210
DrWeb 20120210
Emsisoft 20120210
eTrust-Vet 20120210
F-Prot 20120209
F-Secure 20120210
Fortinet 20120210
GData 20120210
Ikarus 20120210
Jiangmin 20120210
K7AntiVirus 20120210
Kaspersky 20120210
McAfee 20120208
McAfee-GW-Edition 20120209
Microsoft 20120210
NOD32 20120210
Norman 20120210
nProtect 20120210
Panda 20120210
PCTools 20120207
Prevx 20120220
Rising 20120210
Sophos AV 20120210
SUPERAntiSpyware 20120206
Symantec 20120210
TheHacker 20120210
TrendMicro 20120210
TrendMicro-HouseCall 20120210
VBA32 20120210
VIPRE 20120210
ViRobot 20120210
VirusBuster 20120210
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
Packers identified
F-PROT PecBundle, PECompact
PEiD PECompact 2.xx --> BitSum Technologies
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-02-17 18:25:18
Entry Point 0x000133FF
Number of sections 3
PE sections
PE imports
_decode_pointer
SetRect
D3DXCreateFontA
LoadLibraryA, GetProcAddress, VirtualAlloc, VirtualFree
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

TimeStamp
2012:02:17 19:25:18+01:00

FileType
Win32 DLL

PEType
PE32

CodeSize
9728

LinkerVersion
9.0

EntryPoint
0x133ff

InitializedDataSize
6656

SubsystemVersion
5.0

ImageVersion
0.0

OSVersion
5.0

UninitializedDataSize
0

File identification
MD5 d453cc4276ac20c6947e8088afb40299
SHA1 1009bbe81709d3d547d18effeed9c3ecd6f6de9f
SHA256 55c5eb3818343cc657426c57faa427f34ba8ed199308d41346a7658e99291d7f
ssdeep
192:Bm98uMIDqhHYpiKlYlCo7y4M8qBvaJFKIX1EHrihBRoHL60fuYrqz3X2/:098xQiHYQC6U41qBv8KIXKLP2lYr6W

File size 12.0 KB ( 12288 bytes )
File type Win32 DLL
Magic literal
MS-DOS executable PE for MS Windows (DLL) (GUI) Intel 80386 32-bit, PECompact2 compressed

TrID Win32 EXE PECompact compressed (v2.x) (52.1%)
Win32 EXE PECompact compressed (generic) (36.7%)
Win32 Executable Generic (7.5%)
Generic Win/DOS Executable (1.7%)
DOS Executable Generic (1.7%)
Tags
pecompact

VirusTotal metadata
First submission 2012-02-17 23:55:25 UTC ( 7 years, 3 months ago )
Last submission 2012-04-25 19:44:11 UTC ( 7 years ago )
File names Combat Arms BR.dll
Combat Arms Br ~Sr.Master~ .dll
1009bbe81709d3d547d18effeed9c3ecd6f6de9f.bin
file-3569329_dll
LQY1njPT.tar
Combat Arms Br lukas-b- .dll
CABASE.dll
combat arms br.dll
55c5eb3818343cc657426c57faa427f34ba8ed199308d41346a7658e99291d7f.log
aa
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!