× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 59587709ead4ec7d4156308b3d099068a02a960478933e6e12511d9ae6aafc52
File name: cwebpage.dll
Detection ratio: 0 / 67
Analysis date: 2018-04-28 19:11:12 UTC ( 12 months ago )
Antivirus Result Update
Ad-Aware 20180428
AegisLab 20180428
AhnLab-V3 20180428
Alibaba 20180428
ALYac 20180428
Antiy-AVL 20180428
Arcabit 20180428
Avast 20180428
Avast-Mobile 20180428
AVG 20180428
Avira (no cloud) 20180428
AVware 20180428
Babable 20180406
Baidu 20180428
BitDefender 20180428
Bkav 20180426
CAT-QuickHeal 20180428
ClamAV 20180428
CMC 20180428
Comodo 20180428
CrowdStrike Falcon (ML) 20180418
Cybereason None
Cylance 20180428
Cyren 20180428
DrWeb 20180428
eGambit 20180428
Emsisoft 20180428
Endgame 20180403
ESET-NOD32 20180428
F-Prot 20180428
F-Secure 20180428
Fortinet 20180428
GData 20180428
Ikarus 20180428
Sophos ML 20180121
Jiangmin 20180428
K7AntiVirus 20180428
K7GW 20180428
Kaspersky 20180428
Kingsoft 20180428
Malwarebytes 20180428
MAX 20180428
McAfee 20180428
McAfee-GW-Edition 20180425
Microsoft 20180428
eScan 20180428
NANO-Antivirus 20180428
nProtect 20180428
Palo Alto Networks (Known Signatures) 20180428
Panda 20180428
Qihoo-360 20180428
Rising 20180428
SentinelOne (Static ML) 20180225
Sophos AV 20180428
SUPERAntiSpyware 20180428
Symantec 20180428
Symantec Mobile Insight 20180424
Tencent 20180428
TheHacker 20180426
TrendMicro 20180429
TrendMicro-HouseCall 20180428
Trustlook 20180428
VBA32 20180428
VIPRE 20180428
ViRobot 20180428
Webroot 20180428
Yandex 20180428
Zillya 20180427
ZoneAlarm by Check Point 20180428
Zoner 20180427
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2010-12-03 04:49:25
Entry Point 0x00002360
Number of sections 5
PE sections
PE imports
LCMapStringW
WideCharToMultiByte
GetStringTypeW
GetStringTypeA
GlobalFree
GlobalAlloc
LCMapStringA
InterlockedDecrement
MultiByteToWideChar
DisableThreadLibraryCalls
GetTickCount
Sleep
lstrcmpW
RtlUnwind
InterlockedIncrement
SafeArrayAccessData
VariantClear
SysAllocString
SafeArrayDestroy
SafeArrayCreate
SysFreeString
VariantInit
GetCursorPos
GetWindowLongA
IsWindow
DispatchMessageA
SetParent
PostMessageA
GetClientRect
SendMessageA
IsWindowUnicode
PeekMessageA
SetWindowLongA
TranslateMessage
OleUninitialize
CoCreateInstance
CoTaskMemAlloc
OleInitialize
PE exports
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
dll

TimeStamp
2010:12:03 05:49:25+01:00

FileType
Win32 DLL

PEType
PE32

CodeSize
8192

LinkerVersion
6.0

EntryPoint
0x2360

InitializedDataSize
16384

SubsystemVersion
4.0

ImageVersion
0.0

OSVersion
4.0

UninitializedDataSize
0

Compressed bundles
File identification
MD5 799fcb5e6d3e200849b787ad0b38af45
SHA1 3559ee0aa7179036fdd4786cc69433bac16bdeec
SHA256 59587709ead4ec7d4156308b3d099068a02a960478933e6e12511d9ae6aafc52
ssdeep
192:invdBWBhrOrYcRMrJxaqqcSZpLWiGeyfaZMlbfvK5/x:ivdoPtrJEJyyZMlbfvK5/

authentihash e45f3e2e25ebffa74b65820cc9f01077314bf972653ff2c3d6f330badcd32770
imphash 389f8f2f88b3bfe4eca50f4aee602264
File size 28.0 KB ( 28672 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
pedll

VirusTotal metadata
First submission 2011-01-26 03:55:04 UTC ( 8 years, 3 months ago )
Last submission 2018-04-28 19:11:12 UTC ( 12 months ago )
File names cwebpage.dll
3559EE0AA7179036FDD4786CC69433BAC16BDEEC._
-cwebpage.dll
3559EE0AA7179036FDD4786CC69433BAC16BDEEC
cwebpage.dll
cwebpage2.dll
smona131219993206386973485
cwebpage.dll
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!