SHA256: 5af4e8648fccf13a632ad13a161cc06854d51e43bf9d9e0534268332fee7285e
File name: ScreenCapture.dll
Detection ratio: 0 / 24
Analysis date: 2017-01-18 16:57:19 UTC ( 2 years, 2 months ago )
Antivirus Result Update
AegisLab 20170118
ALYac 20170118
Antiy-AVL 20170118
Arcabit 20170118
Avira (no cloud) 20170118
AVware 20170118
Baidu 20170118
ClamAV 20170118
CMC 20170118
CrowdStrike Falcon (ML) 20161024
Emsisoft 20170118
F-Secure 20170118
Ikarus 20170118
Sophos ML 20170111
Jiangmin 20170118
Kaspersky 20170118
Kingsoft 20170118
Malwarebytes 20170118
McAfee-GW-Edition 20170118
Panda 20170118
Qihoo-360 20170118
Trustlook 20170118
VIPRE 20170118
Zillya 20170117
Zoner 20170118
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows command line subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-06-14 07:59:56
Entry Point 0x00001594
Number of sections 8
PE sections
PE imports
RegCreateKeyExW
RegDeleteValueW
RegCloseKey
RegRestoreKeyW
RegSetValueExW
RegUnLoadKeyW
RegQueryInfoKeyW
RegConnectRegistryW
RegEnumKeyExW
RegOpenKeyExW
RegSaveKeyW
RegFlushKey
RegReplaceKeyW
RegEnumValueW
RegDeleteKeyW
RegQueryValueExW
RegLoadKeyW
GetAllocMemCount
_strlen
___pfnDliFailureHook
_chdir
@_InitTermAndUnexPtrs$qv
_memset
@std@exception@what$xqv
__handle_wexitargv
__ftol
__handle_exitargv
@std@_String_base@_Xran$xqv
@_ThrowExceptionLDTC$qpvt1t1t1uiuiuipuct1
@$bdla$qpv
_memcpy
___CRTL_TLS_SetValue
@setRaiseListFuncAddr$qpvt1
_setdisk
___CRTL_TLS_Free
__argv_default_expand
@_ReThrowException$quipuc
@__getExceptVarRec$qv
_realloc
_sin
__ltoupper
__delayLoadHelper
_vsnwprintf
@std@exception@$bdtr$qv
__ErrorMessage
__FUnloadDelayLoadedDLL
__wargv_default_expand
___CRTL_TLS_ExitThread
@$bdele$qpv
__handle_wsetargv
_cos
___pfnDliNotifyHook
@__GetTypeInfo$qpvt1t1
@$bnwa$qui
@__DynamicCastVCLptr$qqrpvt1
@$bnew$qui
___CRTL_MEM_GetBorMemPtrs
@_CatchCleanup$qv
_fflush
__rtl_memset
__ErrorExit
__free_heaps
____ExceptionHandler
_free
@std@_String_base@_Xlen$xqv
_tan
___CRTL_TLS_InitThread
_memmove
___CRTL_TLS_Alloc
_abort
__handle_setargv
_malloc
@setExceptionFuncAddr$qpqp17_EXCEPTION_RECORDpp4tpid$pvppqqrp17_EXCEPTION_RECORD$v
_atan2
___raiseDebuggerException
___terminatePTR
___CRTL_TLS_GetValue
__wstartupd
_floor
___CRTL_MEM_UseBorMM
ImageList_BeginDrag
ImageList_SetBkColor
ImageList_GetImageInfo
FlatSB_SetScrollInfo
ImageList_SetImageCount
Ord(17)
FlatSB_GetScrollInfo
ImageList_DragMove
FlatSB_SetScrollProp
ImageList_Remove
ImageList_GetDragImage
ImageList_DrawEx
ImageList_SetIconSize
ImageList_Write
ImageList_GetImageCount
ImageList_Replace
ImageList_SetOverlayImage
ImageList_Destroy
_TrackMouseEvent
ImageList_Draw
ImageList_GetIconSize
ImageList_DragLeave
ImageList_GetBkColor
ImageList_GetIcon
FlatSB_SetScrollPos
ImageList_ReplaceIcon
ImageList_DragEnter
ImageList_Add
InitializeFlatSB
FlatSB_GetScrollPos
ImageList_DragShowNolock
ImageList_Create
ImageList_Read
ImageList_Copy
ImageList_LoadImageW
ImageList_EndDrag
GetSaveFileNameW
GetOpenFileNameW
SetDIBits
PolyPolyline
GetTextMetricsW
SetMapMode
GetWindowOrgEx
ResizePalette
GetPaletteEntries
CombineRgn
CopyEnhMetaFileW
SetPixel
EndDoc
IntersectClipRect
CreatePalette
EqualRgn
CreateDIBitmap
GetDIBits
GetEnhMetaFileBits
GetDCOrgEx
StretchBlt
StretchDIBits
Pie
SetWindowExtEx
Arc
SetViewportExtEx
ExtCreatePen
SetBkColor
SetWinMetaFileBits
SetRectRgn
GetDIBColorTable
DeleteEnhMetaFile
CreateFontIndirectW
SetStretchBltMode
EnumFontsW
GetCurrentPositionEx
GetBitmapBits
GetBrushOrgEx
ExcludeClipRect
SetBkMode
BitBlt
SetAbortProc
FrameRgn
CreateBrushIndirect
SelectPalette
StartDocW
SetROP2
EndPage
GetNearestPaletteIndex
SetDIBColorTable
DeleteObject
CreatePenIndirect
PatBlt
GetClipBox
Rectangle
GetDeviceCaps
LineTo
DeleteDC
SetEnhMetaFileBits
GetSystemPaletteEntries
StartPage
GetObjectW
CreateDCW
GetEnhMetaFileDescriptionW
ExtTextOutW
CreateBitmap
RectVisible
GetStockObject
PlayEnhMetaFile
UnrealizeObject
GdiFlush
SelectClipRgn
RoundRect
GetWinMetaFileBits
RealizePalette
GetEnhMetaFileHeader
SetWindowOrgEx
GetTextExtentPoint32W
Polygon
CreateHalftonePalette
GetRgnBox
SaveDC
CreateICW
MaskBlt
GetEnhMetaFilePaletteEntries
RestoreDC
GetPixel
CreateDIBSection
SetTextColor
ExtFloodFill
MoveToEx
EnumFontFamiliesExW
SetViewportOrgEx
CreateCompatibleDC
PolyBezierTo
PolyBezier
Chord
SetBrushOrgEx
CreateRectRgn
SelectObject
CreateCompatibleBitmap
CreateSolidBrush
Polyline
AbortDoc
Ellipse
SetThreadLocale
GetStdHandle
FileTimeToDosDateTime
WaitForSingleObject
SignalObjectAndWait
GetFileAttributesW
GetLocalTime
DeleteCriticalSection
GetCurrentProcess
LocalAlloc
SetErrorMode
GetLocaleInfoW
GetCPInfo
lstrcmpiA
GetDiskFreeSpaceW
InterlockedExchange
WriteFile
GetThreadPriority
SetEvent
LocalFree
FormatMessageW
ResumeThread
InitializeCriticalSection
OutputDebugStringW
GlobalHandle
FindClose
GetFullPathNameW
WritePrivateProfileStringW
SetLastError
GetUserDefaultUILanguage
GlobalFindAtomW
GetUserDefaultLangID
LoadResource
GetModuleFileNameW
TryEnterCriticalSection
IsDebuggerPresent
HeapAlloc
InterlockedExchangeAdd
SetThreadPriority
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
EnumCalendarInfoW
GetPrivateProfileStringW
SetFilePointer
GlobalAddAtomW
CreateThread
GetSystemDefaultUILanguage
GetExitCodeThread
MulDiv
ExitThread
lstrcpynW
WaitForMultipleObjectsEx
SetCurrentDirectoryW
GlobalAlloc
VirtualQueryEx
SetEndOfFile
GetVersion
InterlockedIncrement
HeapFree
EnterCriticalSection
LoadLibraryW
GetVersionExW
FreeLibrary
QueryPerformanceCounter
GetTickCount
LoadLibraryA
RtlUnwind
GlobalSize
GetStartupInfoA
GetDateFormatW
GetProcAddress
GetProcessHeap
CompareStringW
lstrcpyW
FindNextFileW
GetCurrentThreadId
ResetEvent
FindFirstFileW
IsValidLocale
GlobalLock
CreateEventW
CreateFileW
ExitProcess
LeaveCriticalSection
GetLastError
GlobalDeleteAtom
GetSystemInfo
GlobalFree
GetThreadLocale
GlobalUnlock
VirtualQuery
lstrlenW
FileTimeToLocalFileTime
SizeofResource
GetCurrentProcessId
LockResource
GetCommandLineW
GetCurrentDirectoryA
InterlockedCompareExchange
GetCurrentThread
SuspendThread
RaiseException
GetModuleHandleA
ReadFile
CloseHandle
GetACP
GetModuleHandleW
FreeResource
SwitchToThread
WideCharToMultiByte
FindResourceW
VirtualFree
Sleep
VirtualAlloc
AlphaBlend
OleUninitialize
CoUninitialize
CoInitialize
CoTaskMemAlloc
CLSIDFromString
CoCreateInstance
IsEqualGUID
CoTaskMemFree
OleInitialize
VariantChangeType
SafeArrayGetLBound
SafeArrayPtrOfIndex
SysAllocStringLen
VariantClear
SafeArrayCreate
SysReAllocStringLen
SafeArrayGetUBound
VariantCopy
GetErrorInfo
SysFreeString
VariantInit
RedrawWindow
GetForegroundWindow
SetWindowRgn
UnregisterHotKey
LoadBitmapW
EnableScrollBar
DestroyMenu
PostQuitMessage
GetMessagePos
SetWindowPos
IsWindow
DispatchMessageA
EndPaint
ScrollWindowEx
GetWindowLongA
WindowFromPoint
IntersectRect
PeekMessageA
CharUpperBuffW
SetMenuItemInfoW
SendMessageW
SetActiveWindow
GetDC
GetCursorPos
CharLowerBuffW
GetDlgCtrlID
DefFrameProcW
SendMessageA
UnregisterClassW
GetClassInfoW
DefWindowProcW
DrawTextW
SetScrollPos
CallNextHookEx
IsClipboardFormatAvailable
MsgWaitForMultipleObjectsEx
GetClientRect
CountClipboardFormats
GetActiveWindow
RegisterHotKey
OpenClipboard
GetWindowTextW
EnumClipboardFormats
MsgWaitForMultipleObjects
GetTopWindow
GetMenuItemID
DestroyWindow
DrawEdge
GetParent
UpdateWindow
GetPropW
EqualRect
SetClassLongW
EnumWindows
CreateCaret
ShowWindow
GetCaretPos
DrawFrameControl
SetPropW
GetDesktopWindow
IsCharAlphaW
PeekMessageW
SetWindowsHookExW
EnableWindow
SetWindowPlacement
LoadIconW
TranslateMessage
IsWindowEnabled
GetWindow
DestroyCaret
ActivateKeyboardLayout
SetClipboardData
GetIconInfo
SetParent
RegisterClassW
ScrollWindow
IsZoomed
GetWindowPlacement
LoadStringW
SetWindowLongW
GetKeyboardLayoutList
DrawMenuBar
EnableMenuItem
DrawFocusRect
GetDCEx
GetKeyboardLayout
FillRect
EnumThreadWindows
CreateAcceleratorTableW
GetSysColorBrush
IsWindowUnicode
CreateWindowExW
GetWindowLongW
GetMenuItemInfoW
IsChild
IsDialogMessageA
MapWindowPoints
RegisterWindowMessageW
ReleaseCapture
BeginPaint
OffsetRect
DefMDIChildProcW
GetScrollPos
CopyIcon
GetKeyboardLayoutNameW
KillTimer
MapVirtualKeyW
SetTimer
GetClipboardData
GetSystemMetrics
IsIconic
SetScrollRange
TrackPopupMenu
GetWindowRect
InflateRect
SetCapture
DrawIcon
EnumChildWindows
GetScrollRange
GetMessageExtraInfo
CharLowerW
SetWindowLongA
ShowOwnedPopups
PostMessageW
InvalidateRect
WaitMessage
CreatePopupMenu
CheckMenuItem
GetSubMenu
GetClassLongW
GetLastActivePopup
DrawIconEx
GetMessageTime
SetWindowTextW
CreateMenu
GetDlgItem
RemovePropW
SystemParametersInfoW
ClientToScreen
SetKeyboardState
GetKeyboardState
GetMenuItemCount
GetMenuState
IsDialogMessageW
LoadCursorW
GetSystemMenu
FindWindowExW
DispatchMessageW
InsertMenuW
SetForegroundWindow
SetFocus
GetMenuStringW
EmptyClipboard
ReleaseDC
DrawTextExW
GetScrollInfo
FindWindowW
GetCapture
ScreenToClient
SetCaretPos
MessageBeep
RemoveMenu
GetWindowThreadProcessId
ShowScrollBar
MessageBoxW
GetMenu
SetMenu
LoadKeyboardLayoutW
MessageBoxA
GetWindowDC
DestroyCursor
AdjustWindowRectEx
GetSysColor
RegisterClipboardFormatW
SetScrollInfo
GetKeyState
GetDoubleClickTime
DestroyIcon
IsWindowVisible
SetCursorPos
IsCharAlphaNumericW
FrameRect
SetRect
DeleteMenu
GetKeyNameTextW
CharNextW
CallWindowProcW
TranslateMDISysAccel
CreateIcon
ValidateRect
GetCursor
GetFocus
InsertMenuItemW
CloseClipboard
UnhookWindowsHookEx
SetCursor
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
timeGetTime
DocumentPropertiesW
OpenPrinterW
ClosePrinter
EnumPrintersW
Ord(203)
PE exports
Number of PE resources by type
RT_STRING 22
RT_GROUP_CURSOR 13
RT_CURSOR 13
RT_BITMAP 10
RT_RCDATA 3
Number of PE resources by language
ENGLISH US 25
NEUTRAL 24
CHINESE TRADITIONAL 12
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows command line
MachineType Intel 386 or later, and compatibles
TimeStamp 2012:06:14 08:59:56+01:00
FileType Win32 DLL
PEType PE32
CodeSize 1306624
LinkerVersion 5.0
FileTypeExtension dll
InitializedDataSize 86016
SubsystemVersion 5.0
EntryPoint 0x1594
OSVersion 4.0
ImageVersion 0.0
UninitializedDataSize 0
Compressed bundles
File identification
MD5 2eeab1b1157b2cfcaa12ee72f78c541c
SHA1 48ba2a19bd10a3ccf899cbd47df2b88374b1bdba
SHA256 5af4e8648fccf13a632ad13a161cc06854d51e43bf9d9e0534268332fee7285e
ssdeep 49152:PFtiYq5Skudi0iY9XsWEK/7ILTaJHh8D+T+KNzmMgVjYY6QOFBw7T6kkWPEqdLp:cuTEK/Xya9yMzwfFL
authentihash 74889513f530563762cadd8ae2c9fa047e012f9d83001e00498491499204307b
imphash bc4962890a80290463f81a746e98affc
File size 2.3 MB ( 2414080 bytes )
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (console) Intel 80386 32-bit
TrID InstallShield setup (38.1%)
Win32 EXE PECompact compressed (generic) (36.8%)
Windows screen saver (11.6%)
Win32 Dynamic Link Library (generic) (5.8%)
Win32 Executable (generic) (3.9%)
Tags pedll
VirusTotal metadata
First submission 2013-06-18 01:29:24 UTC ( 5 years, 9 months ago )
Last submission 2017-01-18 16:57:19 UTC ( 2 years, 2 months ago )
File names ScreenCapture.dll
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight