× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 653bbfb16a4440f8ea1e95904985ee35739095cc9f1ee6b3f2bf4a1e14fb8cfe
File name: System.ServiceModel.Http.dll
Detection ratio: 0 / 67
Analysis date: 2018-09-02 23:31:42 UTC ( 6 months, 2 weeks ago )
Antivirus Result Update
Ad-Aware 20180902
AegisLab 20180902
AhnLab-V3 20180902
Alibaba 20180713
ALYac 20180902
Antiy-AVL 20180902
Arcabit 20180902
Avast 20180902
Avast-Mobile 20180902
AVG 20180902
Avira (no cloud) 20180902
AVware 20180823
Babable 20180902
Baidu 20180830
BitDefender 20180902
Bkav 20180831
CAT-QuickHeal 20180902
ClamAV 20180902
CMC 20180902
Comodo 20180902
CrowdStrike Falcon (ML) 20180723
Cybereason 20180225
Cylance 20180902
Cyren 20180902
DrWeb 20180902
eGambit 20180902
Emsisoft 20180902
Endgame 20180730
ESET-NOD32 20180902
F-Prot 20180902
F-Secure 20180902
Fortinet 20180902
GData 20180902
Ikarus 20180902
Sophos ML 20180717
Jiangmin 20180902
K7AntiVirus 20180902
K7GW 20180902
Kaspersky 20180902
Kingsoft 20180902
Malwarebytes 20180902
MAX 20180902
McAfee 20180902
McAfee-GW-Edition 20180902
Microsoft 20180902
eScan 20180902
NANO-Antivirus 20180902
Palo Alto Networks (Known Signatures) 20180902
Panda 20180902
Qihoo-360 20180902
Rising 20180902
SentinelOne (Static ML) 20180830
Sophos AV 20180902
SUPERAntiSpyware 20180902
Symantec 20180902
Symantec Mobile Insight 20180831
TACHYON 20180902
Tencent 20180902
TheHacker 20180902
TotalDefense 20180902
TrendMicro 20180902
TrendMicro-HouseCall 20180903
Trustlook 20180902
VBA32 20180831
VIPRE 20180902
ViRobot 20180902
Webroot 20180902
Yandex 20180831
Zillya 20180831
ZoneAlarm by Check Point 20180902
Zoner 20180903
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows command line subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
© Microsoft Corporation. All rights reserved.

Product Microsoft® .NET Framework
Original name System.ServiceModel.Http.dll
Internal name System.ServiceModel.Http.dll
File version 4.6.26720.02
Description System.ServiceModel.Http
Comments System.ServiceModel.Http
Signature verification Signed file, verified signature
Signing date 3:09 AM 7/20/2018
Signers
[+] Microsoft Corporation
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer Microsoft Code Signing PCA
Valid from 9:11 PM 8/11/2017
Valid to 9:11 PM 8/11/2018
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint 5EAD300DC7E4D637948ECB0ED829A072BD152E17
Serial number 33 00 00 01 79 7C 2E 57 4E 52 E1 CA D6 00 01 00 00 01 79
[+] Microsoft Code Signing PCA
Status Valid
Issuer Microsoft Root Certificate Authority
Valid from 11:19 PM 8/31/2010
Valid to 11:29 PM 8/31/2020
Valid usage All
Algorithm sha1RSA
Thumbprint 3CAF9BA2DB5570CAF76942FF99101B993888E257
Serial number 61 33 26 1A 00 00 00 00 00 31
[+] Microsoft Root Certificate Authority
Status Valid
Issuer Microsoft Root Certificate Authority
Valid from 12:19 AM 5/10/2001
Valid to 12:28 AM 5/10/2021
Valid usage All
Algorithm sha1RSA
Thumbprint CDD4EEAE6000AC7F40C3802C171E30148030C072
Serial number 79 AD 16 A1 4A A0 A5 AD 4C 73 58 F4 07 13 2E 65
Counter signers
[+] Microsoft Time-Stamp service
Status Valid
Issuer Microsoft Time-Stamp PCA
Valid from 8:03 PM 1/31/2018
Valid to 8:03 PM 9/7/2018
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 81BC01F67FA8AC194F7DFF538EFC67F1F1FEE158
Serial number 33 00 00 00 E5 F0 48 5F 2F F2 CD 11 4B 00 00 00 00 00 E5
[+] Microsoft Time-Stamp PCA
Status Valid
Issuer Microsoft Root Certificate Authority
Valid from 1:53 PM 4/3/2007
Valid to 2:03 PM 4/3/2021
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 375FCB825C3DC3752A02E34EB70993B4997191EF
Serial number 61 16 68 34 00 00 00 00 00 1C
[+] Microsoft Root Certificate Authority
Status Valid
Issuer Microsoft Root Certificate Authority
Valid from 12:19 AM 5/10/2001
Valid to 12:28 AM 5/10/2021
Valid usage All
Algorithm sha1RSA
Thumbrint CDD4EEAE6000AC7F40C3802C171E30148030C072
Serial number 79 AD 16 A1 4A A0 A5 AD 4C 73 58 F4 07 13 2E 65
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-07-20 02:08:56
Entry Point 0x00002C56
Number of sections 3
.NET details
Module Version ID 456bdaca-4573-4ae6-a2e6-07baa362e7e8
PE sections
Overlays
MD5 23da9f22c1a4807499c261d2bcfe0432
File type data
Offset 7680
Size 18896
Entropy 7.49
PE imports
_CorDllMain
Number of PE resources by type
RT_VERSION 2
Number of PE resources by language
NEUTRAL 2
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
4.0

Comments
System.ServiceModel.Http

LinkerVersion
48.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
4.6.26720.2

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
System.ServiceModel.Http

ImageFileCharacteristics
Executable, Large address aware, DLL

CharacterSet
Unicode

InitializedDataSize
3584

EntryPoint
0x2c56

OriginalFileName
System.ServiceModel.Http.dll

MIMEType
application/octet-stream

LegalCopyright
Microsoft Corporation. All rights reserved.

FileVersion
4.6.26720.02

TimeStamp
2018:07:20 03:08:56+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
System.ServiceModel.Http.dll

ProductVersion
4.6.26720.02 @BuiltBy: dlab14-DDVSOWINAGE014 @Branch: release/2.1.0 @Commit: 8ee6d65a6da34d4d37ce1d00d87febfeed0561a9

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows command line

MachineType
Intel 386 or later, and compatibles

CompanyName
Microsoft Corporation

CodeSize
3584

ProductName
Microsoft .NET Framework

ProductVersionNumber
0.0.0.0

FileTypeExtension
dll

ObjectFileType
Dynamic link library

AssemblyVersion
4.5.0.3

Compressed bundles
File identification
MD5 a0d0d70ecbf6e99d336be5f5914ff2dc
SHA1 77f740b1f8260d7d964902da9e1e44a3adb39a42
SHA256 653bbfb16a4440f8ea1e95904985ee35739095cc9f1ee6b3f2bf4a1e14fb8cfe
ssdeep
384:Tp+9CfRdLWOXW1WBXWXkimuT+quY0GftpBjY9WaQHRN7n2728NQlF7o:cuPlXUCTiOWLLI

authentihash cab8e0dfe6c79850750fdc9f3dabc75a004cbe1cacee1de9d6d61a9308884a59
imphash dae02f32a21e03ce65412f6e56942daa
File size 26.0 KB ( 26576 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (console) Intel 80386 Mono/.Net assembly

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
assembly pedll signed overlay

VirusTotal metadata
First submission 2018-08-12 11:37:18 UTC ( 7 months, 1 week ago )
Last submission 2018-08-12 11:37:18 UTC ( 7 months, 1 week ago )
File names filDDFDBF4A80E8D78988F324D618FE8AD0
System.ServiceModel.Http.dll
System.ServiceModel.Http.dll
System.ServiceModel.Http.dll
System.ServiceModel.Http.dll
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!