× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 692bf3cf0829c5717aafa65a3fc76a2c8be84529fbdbd6959da7083f9e1771d0
File name: kmu6e
Detection ratio: 9 / 57
Analysis date: 2016-11-07 11:11:51 UTC ( 2 years, 3 months ago ) View latest
Antivirus Result Update
Avira (no cloud) TR/Crypt.XPACK.Gen 20161107
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9998 20161107
Bkav HW32.Packed.50FC 20161107
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20161024
Sophos ML trojan.win32.sirefef.p 20161018
Qihoo-360 HEUR/QVM39.1.0000.Malware.Gen 20161107
Rising Malware.Generic!glWY3GR55jR@2 (thunder) 20161107
Sophos AV Mal/Ransom-FA 20161107
Symantec Heur.AdvML.B 20161107
Ad-Aware 20161107
AegisLab 20161107
AhnLab-V3 20161107
Alibaba 20161107
ALYac 20161107
Antiy-AVL 20161107
Arcabit 20161107
Avast 20161107
AVG 20161107
AVware 20161107
BitDefender 20161107
CAT-QuickHeal 20161107
ClamAV 20161107
CMC 20161107
Comodo 20161107
Cyren 20161107
DrWeb 20161107
Emsisoft 20161107
ESET-NOD32 20161107
F-Prot 20161107
F-Secure 20161107
Fortinet 20161107
GData 20161107
Ikarus 20161107
Jiangmin 20161107
K7AntiVirus 20161107
K7GW 20161107
Kaspersky 20161107
Kingsoft 20161107
Malwarebytes 20161107
McAfee 20161107
McAfee-GW-Edition 20161107
Microsoft 20161107
eScan 20161107
NANO-Antivirus 20161107
nProtect 20161107
Panda 20161106
SUPERAntiSpyware 20161107
Tencent 20161107
TheHacker 20161106
TotalDefense 20161107
TrendMicro 20161107
TrendMicro-HouseCall 20161107
VBA32 20161105
VIPRE 20161107
ViRobot 20161107
Yandex 20161106
Zillya 20161107
Zoner 20161107
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
David De Groot

Product Alert
Original name Alert.dll
Internal name Alert
File version 2.01.0007
Description Alert clock
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-11-07 07:20:11
Entry Point 0x0001655F
Number of sections 6
PE sections
PE imports
RegOpenKeyW
AbortPath
BeginPath
AnimatePalette
AddFontMemResourceEx
AngleArc
lstrcpynW
GetCurrentProcessId
GlobalAddAtomA
CreateFileW
GetCommandLineW
GetOEMCP
CloseHandle
CommandLineToArgvW
SendMessageA
CharLowerA
PlaySoundA
ClosePrinter
_except_handler3
exit
_wtoi
Number of PE resources by type
RT_BITMAP 2
RT_VERSION 1
Number of PE resources by language
ENGLISH US 3
PE resources
ExifTool file metadata
CodeSize
88064

FileDescription
Alert clock

InitializedDataSize
55808

ImageVersion
0.0

ProductName
Alert

FileVersionNumber
2.1.0.7

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

CharacterSet
Unicode

LinkerVersion
10.0

FileTypeExtension
dll

OriginalFileName
Alert.dll

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
2.01.0007

TimeStamp
2016:11:07 08:20:11+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
Alert

SubsystemVersion
5.0

ProductVersion
2.01.0007

UninitializedDataSize
0

OSVersion
5.0

FileOS
Win32

LegalCopyright
David De Groot

MachineType
Intel 386 or later, and compatibles

CompanyName
Bluefive software

LegalTrademarks
David De Groot

FileSubtype
0

ProductVersionNumber
2.1.0.7

EntryPoint
0x1655f

ObjectFileType
Executable application

Compressed bundles
File identification
MD5 ede5e803aaac4808ea4f35be88a4aa79
SHA1 3585148f8c672d5e00de0aed6dbf83bb162c8a0e
SHA256 692bf3cf0829c5717aafa65a3fc76a2c8be84529fbdbd6959da7083f9e1771d0
ssdeep
3072:fwFTEwVwngk5uYpdEO3CjiBZzh/iDuGRmrAyvn1:DwVwDZdEOSjiB596uimkyP

authentihash 731af079c11ef7caeb08da02843d54bb54f2ed1de35304f3b18092a9447366bf
imphash 74b1f27054548cd38780b3065d8da42f
File size 137.5 KB ( 140800 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Tags
pedll

VirusTotal metadata
First submission 2016-11-07 11:11:51 UTC ( 2 years, 3 months ago )
Last submission 2016-11-07 12:00:34 UTC ( 2 years, 3 months ago )
File names kmu6e
kmu6e
Alert.dll
Alert
Advanced heuristic and reputation engines
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!