SHA256: 5e70f41eb6e4626b4f00602f1950200614b3c705fea34ec7049c14f6ad14fda9
File name: freetype.dll
Detection ratio: 0 / 42
Analysis date: 2009-07-24 15:10:09 UTC ( 9 years, 8 months ago )
Antivirus Result Update
a-squared 20090724
AhnLab-V3 20090724
AntiVir 20090724
Antiy-AVL 20090724
Authentium 20090724
Avast 20090724
AVG 20090724
BitDefender 20090724
CAT-QuickHeal 20090724
ClamAV 20090724
Comodo 20090724
DrWeb 20090724
eSafe 20090723
eTrust-Vet 20090724
F-Prot 20090723
F-Secure 20090724
Fortinet 20090724
GData 20090724
Ikarus 20090724
Jiangmin 20090724
K7AntiVirus 20090724
Kaspersky 20090724
McAfee 20090723
McAfee+Artemis 20090723
McAfee-GW-Edition 20090724
Microsoft 20090724
NOD32 20090724
NOD32Beta 20090724
Norman 20090722
nProtect 20090724
Panda 20090724
PCTools 20090724
Prevx 20090724
Rising 20090724
Sophos AV 20090724
Sunbelt 20090723
Symantec 20090724
TheHacker 20090724
TrendMicro 20090724
VBA32 20090724
ViRobot 20090724
VirusBuster 20090723
The file being studied is a Portable Executable file. More specifically, it is an unknown file.
PE header basic information
Number of sections 4
PE sections
PE imports
MultiByteToWideChar
ExitProcess
HeapAlloc
HeapReAlloc
HeapFree
GetCurrentThreadId
GetCommandLineA
GetVersionExA
RtlUnwind
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetLastError
CloseHandle
ReadFile
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
UnhandledExceptionFilter
WriteFile
LoadLibraryA
InterlockedExchange
VirtualQuery
InitializeCriticalSection
SetStdHandle
FlushFileBuffers
CreateFileW
CreateFileA
GetStringTypeA
GetStringTypeW
GetCPInfo
GetLocaleInfoA
GetACP
GetOEMCP
SetEndOfFile
VirtualProtect
GetSystemInfo
LCMapStringA
LCMapStringW
HeapSize
CarbonBlack: CarbonBlack acts as a surveillance camera for computers.
While monitoring an end-user machine in the wild, CarbonBlack observed that the following executing files wrote this sample to disk.
Compressed bundles
File identification
MD5 bcef78e469758aa200cfdccf371625e0
SHA1 eb1b9e3e83c3a1f9e327079c8e54da6a473a336b
SHA256 5e70f41eb6e4626b4f00602f1950200614b3c705fea34ec7049c14f6ad14fda9
ssdeep 6144:cv3gNJSHlKa8X0mg+OE8fklH8CKASeId97IQbhok2KwrgAgGvgX:c47ScG0H8Ckd90QT2LgAN4

File size 348.0 KB ( 356352 bytes )
File type unknown
Magic literal

TrID
VirusTotal metadata
First submission 2009-07-24 15:10:09 UTC ( 9 years, 8 months ago )
Last submission 2009-07-24 15:10:09 UTC ( 9 years, 8 months ago )
File names freetype.dll