SHA256: 647867dddfa39fd2eca8e025c1873c712fe97b15d3a366cacb3ade4618761001
File name: _326A6F8A7D5940CB9361D5649A4AAFCC
Detection ratio: 0 / 56
Analysis date: 2017-01-24 16:29:07 UTC ( 2 years, 2 months ago )
Antivirus Result Update
Ad-Aware 20170124
AegisLab 20170124
AhnLab-V3 20170124
Alibaba 20170122
ALYac 20170124
Antiy-AVL 20170124
Arcabit 20170124
Avast 20170124
AVG 20170124
Avira (no cloud) 20170124
Baidu 20170124
BitDefender 20170124
Bkav 20170123
CAT-QuickHeal 20170124
ClamAV 20170124
CMC 20170124
Comodo 20170124
CrowdStrike Falcon (ML) 20161024
Cyren 20170124
DrWeb 20170124
Emsisoft 20170124
ESET-NOD32 20170124
F-Prot 20170124
F-Secure 20170124
Fortinet 20170124
GData 20170124
Ikarus 20170124
Sophos ML 20170111
Jiangmin 20170124
K7AntiVirus 20170124
K7GW 20170124
Kaspersky 20170124
Kingsoft 20170124
Malwarebytes 20170124
McAfee 20170124
McAfee-GW-Edition 20170124
Microsoft 20170124
eScan 20170124
NANO-Antivirus 20170124
nProtect 20170124
Panda 20170124
Qihoo-360 20170124
Rising 20170124
Sophos AV 20170124
SUPERAntiSpyware 20170124
Symantec 20170124
Tencent 20170124
TheHacker 20170123
TotalDefense 20170124
TrendMicro 20170124
TrendMicro-HouseCall 20170124
Trustlook 20170124
VBA32 20170124
VIPRE 20170124
ViRobot 20170124
WhiteArmor 20170123
Yandex 20170123
Zillya 20170124
Zoner 20170124
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows command line subsystem.
FileVersionInfo properties
Copyright 2002-2012
Product Catalyst Control Center
Original name AEM.Plugin.Hotkeys.Shared.dll
Internal name AEM.Plugin.Hotkeys.Shared.dll
File version 3.5.4703.27185
Description HK Shared
Comments AEM Event HotKey Source plugin Shared types
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-11-16 20:06:11
Entry Point 0x0000305E
Number of sections 3
.NET details
Module Version ID ba169fd3-89d1-4ddd-9fca-05f9f410c07f
PE sections
PE imports
_CorDllMain
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
NEUTRAL 1
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize 0
Comments AEM Event HotKey Source plugin Shared types
InitializedDataSize 2048
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 3.5.4703.27185
LanguageCode Neutral
FileFlagsMask 0x003f
CharacterSet Unicode
LinkerVersion 8.0
EntryPoint 0x305e
OriginalFileName AEM.Plugin.Hotkeys.Shared.dll
MIMEType application/octet-stream
LegalCopyright 2002-2012
FileVersion 3.5.4703.27185
TimeStamp 2012:11:16 21:06:11+01:00
FileType Win32 DLL
PEType PE32
InternalName AEM.Plugin.Hotkeys.Shared.dll
SubsystemVersion 4.0
ProductVersion 3.5.4703.27185
FileDescription HK Shared
OSVersion 4.0
FileOS Win32
Subsystem Windows command line
MachineType Intel 386 or later, and compatibles
CompanyName Advanced Micro Devices Inc.
CodeSize 4608
ProductName Catalyst Control Center
ProductVersionNumber 3.5.4703.27185
FileTypeExtension dll
ObjectFileType Dynamic link library
AssemblyVersion 3.5.4703.27185

CarbonBlack CarbonBlack acts as a surveillance camera for computers
While monitoring an end-user machine in-the-wild, CarbonBlack noticed the following files in execution wrote this sample to disk.
Compressed bundles
File identification
MD5 4be365b4927a6f82f5d22820a1533c0f
SHA1 9f31356f4427d2e78135700b0a3e0190e06fd52f
SHA256 647867dddfa39fd2eca8e025c1873c712fe97b15d3a366cacb3ade4618761001
ssdeep 96:l4FNU/5J/9ShM4CptrJg+KgZU6bvUq8gAabw:78MzV6+KsJbUVgAab
authentihash 1a73efb01388a8e2cf761fc4c2c06626c9b54481c5bfb25b48b8371dca3137d7
imphash dae02f32a21e03ce65412f6e56942daa
File size 7.0 KB ( 7168 bytes )
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (console) Intel 80386 32-bit Mono/.Net assembly
TrID Generic .NET DLL/Assembly (94.0%)
Win32 Dynamic Link Library (generic) (2.5%)
Win32 Executable (generic) (1.7%)
Generic Win/DOS Executable (0.7%)
DOS Executable Generic (0.7%)
Tags assembly pedll
VirusTotal metadata
First submission 2013-08-31 07:05:53 UTC ( 5 years, 7 months ago )
Last submission 2017-01-24 16:29:07 UTC ( 2 years, 2 months ago )
File names AEM.Plugin.Hotkeys.Shared.dll
AEM.Plugin.Hotkeys.Shared.dll
AEM.Plugin.Hotkeys.Shared.dll
_326A6F8A7D5940CB9361D5649A4AAFCC
AEM.Plugin.Hotkeys.Shared.dll
AEM.Plugin.Hotkeys.Shared.dll
AEM.Plugin.Hotkeys.Shared.dll
AEM.Plugin.Hotkeys.Shared.dll
4BE365B4927A6F82F5D22820A1533C0F
AEM.Plugin.Hotkeys.Shared.dll
sbs_ve_ambr_20160706170454.984_ 159
aem.plugin.hotkeys.shared.dll
AEM.Plugin.Hotkeys.Shared.dll
AEM.Plugin.Hotkeys.Shared.dll
AEM.Plugin.Hotkeys.Shared.dll