SHA256: 67d8409712fca52b2aa04c287cca66bca876b0e3faca8761fa0ab0360ccb8c73
File name: YpMLRPBiQh.exe
Detection ratio: 12 / 66
Analysis date: 2017-10-18 22:44:48 UTC (1 year ago)
Antivirus Result Update
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9976 20171018
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20170804
Cylance Unsafe 20171018
Endgame malicious (high confidence) 20171016
Fortinet W32/GenKryptik.AVMQ!tr 20171018
GData Win32.Trojan-Spy.Emotet.DU 20171018
Sophos ML heuristic 20170914
McAfee-GW-Edition BehavesLike.Win32.Virut.cc 20171018
Qihoo-360 HEUR/QVM20.1.9877.Malware.Gen 20171018
SentinelOne (Static ML) static engine - malicious 20171001
Sophos AV Mal/EncPk-ANR 20171018
Webroot W32.Trojan.Emotet 20171018
Ad-Aware 20171018
AegisLab 20171018
AhnLab-V3 20171018
Alibaba 20170911
ALYac 20171018
Antiy-AVL 20171018
Arcabit 20171018
Avast 20171018
Avast-Mobile 20171018
AVG 20171018
Avira (no cloud) 20171018
AVware 20171018
BitDefender 20171018
Bkav 20171018
CAT-QuickHeal 20171018
ClamAV 20171018
CMC 20171018
Comodo 20171018
Cyren 20171018
eGambit 20171018
Emsisoft 20171018
ESET-NOD32 20171018
F-Prot 20171018
F-Secure 20171018
Ikarus 20171018
Jiangmin 20171018
K7AntiVirus 20171017
K7GW 20171016
Kaspersky 20171018
Kingsoft 20171018
Malwarebytes 20171018
MAX 20171018
McAfee 20171018
Microsoft 20171018
eScan 20171018
NANO-Antivirus 20171018
nProtect 20171018
Palo Alto Networks (Known Signatures) 20171018
Panda 20171018
Rising 20171018
SUPERAntiSpyware 20171018
Symantec 20171018
Symantec Mobile Insight 20171011
Tencent 20171018
TheHacker 20171017
TotalDefense 20171018
TrendMicro 20171018
TrendMicro-HouseCall 20171018
Trustlook 20171018
VBA32 20171018
VIPRE 20171018
ViRobot 20171018
WhiteArmor 20171016
Yandex 20171018
Zillya 20171018
ZoneAlarm by Check Point 20171018
Zoner 20171018
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright © Microsoft Corporation. All rights reserved.
Product Microsoft® Windows® Operating System
Original name D3D10Level9.dll
Internal name D3D10Level9.dll
File version 6.1.7601.17514 (win7sp1_rtm.101119-1850)
Description Direct3D 10 to Direct3D9 Translation Runtime
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-10-19 07:41:27
Entry Point 0x00001980
Number of sections 7
PE sections
PE imports
OpenSCManagerW
CreateFontW
AreFileApisANSI
GetLastError
GetTimeFormatW
RaiseException
GetConsoleAliasA
LocalAlloc
ConvertFiberToThread
GetCommandLineW
FreeLibrary
UnregisterApplicationRestart
RegisterApplicationRestart
GetCurrentProcess
LocalFree
InterlockedExchange
GetCommandLineA
GlobalLock
GetProcAddress
LoadLibraryA
Ord(30)
Number of PE resources by type
HWB 5
RT_VERSION 1
Number of PE resources by language
ENGLISH US 6
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize 0
InitializedDataSize 26752
ImageVersion 0.0
ProductName Microsoft Windows Operating System
FileVersionNumber 6.1.7601.17514
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription Direct3D 10 to Direct3D9 Translation Runtime
CharacterSet Unicode
LinkerVersion 12.0
FileTypeExtension exe
OriginalFileName D3D10Level9.dll
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 6.1.7601.17514 (win7sp1_rtm.101119-1850)
TimeStamp 2017:10:19 08:41:27+01:00
FileType Win32 EXE
PEType PE32
InternalName D3D10Level9.dll
ProductVersion 6.1.7601.17514
SubsystemVersion 5.1
OSVersion 5.0
FileOS Windows NT 32-bit
LegalCopyright Microsoft Corporation. All rights reserved.
MachineType Intel 386 or later, and compatibles
CompanyName Microsoft Corporation
CodeSize 16384
FileSubtype 0
ProductVersionNumber 6.1.7601.17514
EntryPoint 0x1980
ObjectFileType Dynamic link library
File identification
MD5 2dfd12e537bcfbaf2f18c2b00b076e3f
SHA1 8e1d267e3cf769cf8739ec6a0bd731ce0ed43821
SHA256 67d8409712fca52b2aa04c287cca66bca876b0e3faca8761fa0ab0360ccb8c73
ssdeep 3072:4fJvtbQDKkz8MZ+Xbmgpntn65wqsEU2dsZTreQ2:4fJJGz8MEXKgpnJbEUtZTr
authentihash fd4b80881345ea0525dde4622a03fcfb6265360fe27f08eca17c79a5cf063ffb
imphash 0cf4a899cf2caa45e7c5d71cd6eca9d3
File size 151.0 KB ( 154624 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit system file
TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags peexe
VirusTotal metadata
First submission 2017-10-18 22:44:48 UTC ( 1 year ago )
Last submission 2017-10-19 04:13:04 UTC ( 1 year ago )
File names 8e1d267e3cf769cf8739ec6a0bd731ce0ed43821
YpMLRPBiQh.exe
D3D10Level9.dll
searchtime.exe