× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 5cdd8cefd9f2b445c5bfb3b52ac9514d19927cc6b27373d3893ce72e9d9e391f
File name: SHA1.xs.dll
Detection ratio: 0 / 67
Analysis date: 2018-08-02 03:14:05 UTC ( 7 months, 3 weeks ago )
Antivirus Result Update
Ad-Aware 20180802
AegisLab 20180802
AhnLab-V3 20180801
Alibaba 20180713
ALYac 20180802
Antiy-AVL 20180802
Arcabit 20180802
Avast 20180802
Avast-Mobile 20180802
AVG 20180802
Avira (no cloud) 20180801
AVware 20180727
Babable 20180725
Baidu 20180801
BitDefender 20180802
Bkav 20180801
CAT-QuickHeal 20180801
ClamAV 20180802
CMC 20180801
Comodo 20180801
CrowdStrike Falcon (ML) 20180723
Cybereason 20180225
Cylance 20180802
Cyren 20180802
DrWeb 20180802
eGambit 20180802
Emsisoft 20180802
Endgame 20180730
ESET-NOD32 20180802
F-Prot 20180802
F-Secure 20180802
Fortinet 20180802
GData 20180802
Ikarus 20180801
Sophos ML 20180717
Jiangmin 20180802
K7AntiVirus 20180801
K7GW 20180802
Kaspersky 20180802
Kingsoft 20180802
Malwarebytes 20180802
MAX 20180802
McAfee 20180802
McAfee-GW-Edition 20180802
Microsoft 20180802
eScan 20180802
NANO-Antivirus 20180802
Palo Alto Networks (Known Signatures) 20180802
Panda 20180801
Qihoo-360 20180802
Rising 20180802
SentinelOne (Static ML) 20180701
Sophos AV 20180802
SUPERAntiSpyware 20180801
Symantec 20180802
Symantec Mobile Insight 20180801
TACHYON 20180802
Tencent 20180802
TheHacker 20180730
TotalDefense 20180801
TrendMicro 20180802
TrendMicro-HouseCall 20180802
Trustlook 20180802
VBA32 20180801
VIPRE 20180802
ViRobot 20180801
Webroot 20180802
Yandex 20180731
Zillya 20180801
ZoneAlarm by Check Point 20180802
Zoner 20180801
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows command line subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-04-15 16:49:10
Entry Point 0x00001420
Number of sections 9
PE sections
PE imports
DeleteCriticalSection
GetCurrentProcess
TerminateProcess
EnterCriticalSection
InitializeCriticalSection
GetCurrentProcessId
GetModuleHandleA
GetLastError
SetUnhandledExceptionFilter
QueryPerformanceCounter
UnhandledExceptionFilter
TlsGetValue
GetTickCount
GetSystemTimeAsFileTime
VirtualProtect
Sleep
GetCurrentThreadId
VirtualQuery
GetProcAddress
LeaveCriticalSection
_amsg_exit
strncmp
malloc
_unlock
fwrite
_lock
__dllonexit
_onexit
abort
free
vfprintf
memcmp
calloc
_initterm
strlen
memcpy
_iob
Perl_safesysmalloc
Perl_PerlIO_read
Perl_sv_derived_from
Perl_sv_2io
Perl_warn_nocontext
Perl_xs_boot_epilog
Perl_PerlIO_error
Perl_sv_2iv_flags
Perl_sv_reftype
Perl_newSVpv
Perl_sv_newmortal
Perl_newXS_deffile
Perl_sv_2mortal
Perl_sv_2pvbyte
Perl_sv_2pv_flags
Perl_xs_handshake
Perl_croak_xs_usage
Perl_sv_setref_pv
Perl_safesysfree
Perl_croak_nocontext
PE exports
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows command line

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
dll

TimeStamp
2018:04:15 17:49:10+01:00

FileType
Win32 DLL

PEType
PE32

CodeSize
19456

LinkerVersion
2.25

ImageFileCharacteristics
Executable, No line numbers, No symbols, 32-bit, No debug, DLL

EntryPoint
0x1420

InitializedDataSize
27136

SubsystemVersion
4.0

ImageVersion
1.0

OSVersion
4.0

UninitializedDataSize
1024

Compressed bundles
File identification
MD5 485b242cfa8334c373c56e04e879facc
SHA1 450fb5030e16388d37b180ce6971352ce933d20e
SHA256 5cdd8cefd9f2b445c5bfb3b52ac9514d19927cc6b27373d3893ce72e9d9e391f
ssdeep
768:nNxUvLDBgMJEd9X92JMRfET+GRUMnwO7Vm+EC:NxUvXBgMJjJMRfET+GRUMnwr+

authentihash f81f62d7fe08ff814b5467996fab46298f08c7ce92a78d66449e3efe43fe6904
imphash 4eeacde069fa387630ca0404920a0a07
File size 27.5 KB ( 28160 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (console) Intel 80386 32-bit

TrID Win64 Executable (generic) (61.7%)
Win32 Dynamic Link Library (generic) (14.6%)
Win32 Executable (generic) (10.0%)
OS/2 Executable (generic) (4.5%)
Generic Win/DOS Executable (4.4%)
Tags
pedll

VirusTotal metadata
First submission 2018-04-25 02:30:50 UTC ( 11 months ago )
Last submission 2018-05-21 22:17:54 UTC ( 10 months ago )
File names SHA1.xs.dll
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!