× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 65d8847e5b35943bdae8e4e0c4fe7a981d0c749f4f6af90d106dc055adc2551d
File name: php_xsl.dll
Detection ratio: 0 / 57
Analysis date: 2015-08-29 11:23:19 UTC ( 3 years, 8 months ago )
Antivirus Result Update
Ad-Aware 20150830
AegisLab 20150830
Yandex 20150829
AhnLab-V3 20150830
Alibaba 20150828
ALYac 20150830
Antiy-AVL 20150830
Arcabit 20150830
Avast 20150830
AVG 20150830
Avira (no cloud) 20150830
AVware 20150830
Baidu-International 20150830
BitDefender 20150830
Bkav 20150829
ByteHero 20150830
CAT-QuickHeal 20150829
ClamAV 20150830
CMC 20150827
Comodo 20150830
Cyren 20150830
DrWeb 20150830
Emsisoft 20150830
ESET-NOD32 20150830
F-Prot 20150829
F-Secure 20150829
Fortinet 20150830
GData 20150830
Ikarus 20150830
Jiangmin 20150829
K7AntiVirus 20150830
K7GW 20150830
Kaspersky 20150830
Kingsoft 20150830
Malwarebytes 20150829
McAfee 20150830
McAfee-GW-Edition 20150830
Microsoft 20150830
eScan 20150830
NANO-Antivirus 20150830
nProtect 20150828
Panda 20150830
Qihoo-360 20150830
Rising 20150830
Sophos AV 20150830
SUPERAntiSpyware 20150829
Symantec 20150829
Tencent 20150830
TheHacker 20150828
TotalDefense 20150830
TrendMicro 20150830
TrendMicro-HouseCall 20150830
VBA32 20150829
VIPRE 20150830
ViRobot 20150830
Zillya 20150830
Zoner 20150830
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 1997-2014 The PHP Group

Publisher The PHP Group
Product PHP
Original name php_xsl.dll
Internal name XSL extension
File version 5.6.12
Description XSL
Comments Thanks to Christian Stocker, Rob Richards
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-08-06 19:30:57
Entry Point 0x000261FC
Number of sections 5
PE sections
PE imports
CompareStringW
EnumSystemLocalesA
GetSystemTimeAsFileTime
GetLocaleInfoA
GetCurrentProcessId
GetFileAttributesA
QueryPerformanceCounter
IsDebuggerPresent
EncodePointer
DisableThreadLibraryCalls
IsProcessorFeaturePresent
MultiByteToWideChar
GetCurrentThreadId
DecodePointer
QueryPerformanceFrequency
_malloc_crt
rand
__iob_func
sscanf
_CIatan2
__crtTerminateProcess
memset
fclose
_time64
__dllonexit
_libm_sse2_sin_precise
_stat64i32
fopen
_CIfmod
_amsg_exit
floor
_lock
_onexit
_snprintf
sprintf
_initterm_e
_libm_sse2_asin_precise
_libm_sse2_atan_precise
_libm_sse2_sqrt_precise
_unlock
_crt_debugger_hook
free
_except_handler4_common
_libm_sse2_exp_precise
vfprintf
_libm_sse2_log_precise
memcpy
_gmtime64
__crtUnhandledException
__clean_type_info_names_internal
_vsnprintf
_libm_sse2_pow_precise
_libm_sse2_tan_precise
_calloc_crt
_libm_sse2_cos_precise
_localtime64
_mkdir
__CppXcptFilter
fprintf
_initterm
_libm_sse2_acos_precise
xmlXPathNodeSetMerge
zval_add_ref
xmlDocCopyNode
xmlHashScan
zend_objects_destroy_object
xmlXPathNumberFunction
add_next_index_zval
xmlGetProp
xmlXPathNsLookup
xmlNewCDataBlock
xmlXPathNewNodeSet
xmlStrcat
xmlNewDocRawNode
xmlNodeGetBase
dom_node_class_entry
xmlStrstr
php_info_print_table_start
_zval_dtor_func
xmlNewDocNodeEatName
xmlXPathFreeContext
xmlXPatherror
xmlXPathIsNaN
zend_unregister_ini_entries
zend_register_string_constant
xmlXPathNewString
xmlXPathFreeObject
__xmlGenericError
xmlBufferCreate
xmlDocGetRootElement
xmlXPathEvalPredicate
xmlXPathContextSetCache
xmlHashCreate
xmlHashLookup
xmlGetCharEncodingName
xmlStrdup
xmlNewMutex
xmlStrncat
xmlHashRemoveEntry2
xmlXPathPopString
htmlDocContentDumpFormatOutput
xmlURIEscapeStr
instanceof_function
xmlValidateQName
xmlLoadExternalEntity
_safe_emalloc
inputPush
zend_object_std_init
xmlNewDocText
zend_is_executing
xmlXPathNextAncestor
_zend_hash_add_or_update
xmlDictCreateSub
xmlGetDtdAttrDesc
xmlXPathCastToString
xmlFreeMutex
xmlStrndup
xmlDictQLookup
xmlBuildURI
xmlUTF8Strlen
xmlXPathIsNodeType
xmlFreeRMutex
xmlUTF8Charcmp
xmlGetIntSubset
xmlStrchr
xmlFree
convert_to_long
valuePop
zend_lookup_class
_zval_copy_ctor_func
xmlXPathIntersection
php_libxml_decrement_doc_ref
xmlBufferFree
xmlXPathNodeSetSort
php_info_print_table_row
xmlStringTextNoenc
htmlDocContentDumpOutput
xmlNodeGetSpacePreserve
xmlHashScanFull
xmlNodeSetContent
xmlBufferAdd
xmlNodeDumpOutput
zend_error
xmlSearchNsByHref
xmlAddChild
_zend_hash_index_update_or_next_insert
php_check_open_basedir
xmlXPathFunctionLookupNS
php_libxml_increment_doc_ref
xmlMutexLock
xmlXPathNodeSetAdd
xmlNewTextLen
xmlValidateNCName
xmlDictCreate
xmlHashUpdateEntry
xmlIsDigitGroup
xmlRMutexUnlock
xmlStringText
zend_get_class_entry
gc_remove_zval_from_buffer
xmlGetID
xmlAddID
xmlFreeURI
xmlNewRMutex
zend_hash_del_key_or_index
object_properties_init
xmlUTF8Strndup
_emalloc
xmlXPathIsInf
_zend_hash_init
xmlXPathHasSameNodes
zend_register_long_constant
xmlXPathDistinctSorted
xmlNodeAddContent
xmlAllocOutputBuffer
xmlFreeParserCtxt
valuePush
xmlXPathCompiledEval
xmlAddPrevSibling
xmlXPathStringFunction
xmlXPathPopBoolean
xmlIsBlankNode
xmlDebugDumpNode
zend_hash_find
xmlNodeGetContent
xmlXPathInit
xmlXPathCtxtCompile
xmlCopyDoc
xmlFreeIDTable
xmlHashLookup3
xmlHashLookup2
xmlGetDocEntity
xmlCopyCharMultiByte
xmlCreateIntSubset
zend_hash_move_forward_ex
xmlCheckUTF8
xmlNodeSetBase
xmlIsCombiningGroup
xmlCtxtUseOptions
zend_parse_parameters_ex
_object_init_ex
xmlSplitQName2
xmlXPtrNewContext
xmlXPathNodeSetAddUnique
zend_parse_parameters
zend_objects_store_put
php_error_docref0
xmlXPathRegisterFuncLookup
xmlXPathRegisterVariableLookup
xmlXPathPopExternal
zend_wrong_param_count
zend_hash_get_current_key_ex
__xmlLoadExtDtdDefaultValue
xmlParseURI
xmlDictReference
xmlXPathPopNodeSet
zend_register_ini_entries
xmlCreateURI
zend_hash_destroy
xmlXPathConvertString
xmlSaveUri
zend_ini_long
xmlXPathNodeSetCreate
xmlGetLineNo
xmlFreeDtd
xmlRMutexLock
htmlNewDoc
xmlDictFree
xmlXPathNewBoolean
xmlCharInRange
xmlParseDocument
xmlXPathNodeLeadingSorted
executor_globals
_efree
zend_hash_num_elements
xmlOutputBufferClose
_convert_to_string
xmlNewDocPI
xmlXPathRegisterFunc
xmlMalloc
htmlNewDocNoDtD
xmlHashUpdateEntry3
xmlHashUpdateEntry2
xmlNewParserCtxt
xmlXPathNewParserContext
xmlXPathErr
zend_make_callable
zend_object_store_get_object
xmlXPathWrapString
xmlUnlinkNode
xmlStrncmp
xmlXPathRegisterFuncNS
xmlFreeNode
xmlNewNsProp
xmlBufferContent
zend_hash_exists
xmlXPathEvalExpression
xmlOutputBufferWriteString
zend_hash_get_current_data_ex
xmlNewChild
xmlSearchNs
xmlXIncludeProcessFlags
xmlXPathEval
xmlXPathWrapNodeSet
xmlStrlen
xmlSubstituteEntitiesDefault
xmlStrsub
xmlStrncasecmp
xmlXPathDifference
xmlXPathFreeNodeSet
xmlXPtrEval
xmlXPathNewContext
xmlStrEqual
zend_objects_get_address
xmlFreeRefTable
xmlIsID
xmlXPathNextPrecedingSibling
xmlBufferCat
xmlXPathNAN
xmlHashAddEntry2
xmlHashAddEntry3
xmlStrcmp
xmlNewDoc
xmlFindCharEncodingHandler
xmlXPathObjectCopy
_array_init
xmlXPathCastNodeToString
xmlXPathNodeTrailingSorted
xmlMutexUnlock
xmlXPathCompiledEvalToBoolean
xmlIsExtenderGroup
xmlGetNsProp
zend_hash_internal_pointer_reset_ex
xmlNewComment
xmlXPathCastNodeToNumber
xmlBufferLength
xmlXPathCastStringToNumber
xmlUTF8Size
xmlNewDocProp
xmlXPathNewCString
xmlOutputBufferCreateFile
zend_register_internal_class_ex
xmlXPathCastNumberToString
htmlSetMetaEncoding
xmlDocCopyNodeList
_zval_ptr_dtor
xmlNewNs
xmlHasNsProp
zend_call_function
xmlDictOwns
xmlOutputBufferFlush
_estrndup
xmlHashFree
xmlDictLookup
zend_new_interned_string
__xmlGenericErrorContext
ap_php_snprintf
xmlXPathNewFloat
zend_object_std_dtor
php_info_print_table_end
xmlRealloc
xmlXPathOrderDocElems
xmlBufferCCat
xmlHashAddEntry
xmlGetNsList
xmlXPathNewValueTree
php_dom_create_object
dom_object_get_node
php_libxml_import_node
zend_strndup
xmlXPathStringEvalNumber
xmlIsBaseCharGroup
zend_parse_method_parameters
xmlXPathCmpNodes
xmlURIUnescapeString
xmlStrcasecmp
xmlFreeNodeList
xmlFreeDoc
xmlUTF8Strsize
xmlUTF8Strpos
php_libxml_error_handler
xmlNewDocNode
xmlNewText
xmlOutputBufferCreateFilename
xmlSetNsProp
xmlXPathDebugDumpObject
xmlXPathFreeCompExpr
xmlStringCurrentChar
xmlParserGetDirectory
xmlXPathConvertNumber
xmlXPathCompile
xmlXPathFreeParserContext
xmlUTF8Strloc
zend_get_std_object_handlers
xmlXPathWrapExternal
php_libxml_increment_node_ptr
xmlXPathPopNumber
xmlNodeListGetString
PE exports
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 2
PE resources
Debug information
ExifTool file metadata
CodeSize
163840

SubsystemVersion
6.0

Comments
Thanks to Christian Stocker, Rob Richards

InitializedDataSize
67584

ImageVersion
0.0

ProductName
PHP

FileVersionNumber
5.6.12.0

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Unicode

LinkerVersion
11.0

FileTypeExtension
dll

OriginalFileName
php_xsl.dll

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
5.6.12

URL
http://www.php.net

TimeStamp
2015:08:06 20:30:57+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
XSL extension

ProductVersion
5.6.12

FileDescription
XSL

OSVersion
6.0

FileOS
Win32

LegalCopyright
Copyright 1997-2014 The PHP Group

MachineType
Intel 386 or later, and compatibles

CompanyName
The PHP Group

LegalTrademarks
PHP

FileSubtype
0

ProductVersionNumber
5.6.12.0

EntryPoint
0x261fc

ObjectFileType
Dynamic link library

File identification
MD5 94b762a035dea6986668e3c3b140c43e
SHA1 d1f3e7af88699c0f2eb7c5a6fd604c8025c348fa
SHA256 65d8847e5b35943bdae8e4e0c4fe7a981d0c749f4f6af90d106dc055adc2551d
ssdeep
6144:XSBvu6oW0smIYipxH4Gu+9uwqTwgcUSUDzUok:QvpoZI4GuJYUSUDz

authentihash d9a96375f3851d21e5a303b35cdf86f941b6795737c5ac702be44202f1955602
imphash 9e4aaa75fb418e7460658e451714fc38
File size 227.0 KB ( 232448 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags
pedll

VirusTotal metadata
First submission 2015-08-07 06:04:53 UTC ( 3 years, 9 months ago )
Last submission 2015-08-07 06:04:53 UTC ( 3 years, 9 months ago )
File names XSL extension
php_xsl.dll
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!