× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 69750fdb05f2c5382aa6aff90f9bbe8861556cf75781eb0ae46e5212b7122fc9
File name: MAPlas.dll
Detection ratio: 33 / 43
Analysis date: 2010-09-18 22:47:36 UTC ( 3 years, 7 months ago ) View latest
Antivirus Result Update
AVG Agent2.BJMK 20100918
AhnLab-V3 Downloader/Win32.Mufanom 20100918
AntiVir TR/Dldr.Mufanom.aevf 20100918
Authentium W32/Hiloti.I.gen!Eldorado 20100918
Avast Win32:MalOb-CB 20100918
Avast5 Win32:MalOb-CB 20100918
BitDefender Gen:Variant.Kazy.391 20100918
DrWeb BackDoor.Tdss.4037 20100918
Emsisoft Trojan-Downloader.Win32.Mufanom!IK 20100918
F-Prot W32/Hiloti.I.gen!Eldorado 20100918
F-Secure Gen:Variant.Kazy.391 20100918
GData Gen:Variant.Kazy.391 20100918
Ikarus Trojan-Downloader.Win32.Mufanom 20100918
K7AntiVirus Riskware 20100918
Kaspersky Trojan-Downloader.Win32.Mufanom.aevf 20100919
McAfee Hiloti.gen.e 20100919
McAfee-GW-Edition Hiloti.gen.e 20100918
Microsoft Trojan:Win32/Hiloti.gen!D 20100918
NOD32 Win32/Cimag.DE 20100918
PCTools Trojan.Zefarch 20100918
Panda Adware/AVSecuritySuite 20100918
Prevx High Risk Cloaked Malware 20100919
SUPERAntiSpyware Trojan.Agent/Gen 20100918
Sophos Mal/Hiloti-D 20100918
Sunbelt Trojan.Win32.Hiloti.aa (v) 20100918
Symantec Trojan.Zefarch 20100918
TheHacker Trojan/Downloader.Mufanom.aevf 20100918
TrendMicro TROJ_GEN.RB3E1IG 20100918
TrendMicro-HouseCall TROJ_GEN.RB3E1IG 20100919
VBA32 Bscope.Malware-Cryptor.Tip 20100917
VirusBuster Trojan.DL.Mufanom.IIQ 20100918
eTrust-Vet Win32/Hiloti.VAA 20100917
nProtect Trojan-Downloader/W32.Mufanom.77824.U 20100918
Antiy-AVL 20100918
CAT-QuickHeal 20100918
ClamAV 20100918
Comodo 20100918
Fortinet 20100918
Jiangmin 20100918
Norman 20100918
Rising 20100918
ViRobot 20100918
eSafe 20100917
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
Authenticode signature block
Copyright
Copyright (C) 2005

Product Masktools Dynamic Link Library
Original name mt_masktools.dll
Internal name Masktools 2.0
File version _
Description Masktools Dynamic Link Library
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2009-06-05 19:03:57
Entry Point 0x0000ADE0
Number of sections 4
PE sections
PE imports
HeapFree
GetStdHandle
TerminateThread
lstrlenA
GetOEMCP
HeapDestroy
HeapAlloc
DisableThreadLibraryCalls
GetVersionExA
RtlUnwind
GetACP
GetStartupInfoA
GetPriorityClass
SizeofResource
UnhandledExceptionFilter
MultiByteToWideChar
GetCommandLineA
SetStdHandle
GetFileTime
SetFilePointer
GetModuleHandleA
FindFirstFileA
SetUnhandledExceptionFilter
WriteFile
CloseHandle
ExitThread
HeapReAlloc
CreateConsoleScreenBuffer
GetProcessAffinityMask
HeapCreate
FindClose
WriteConsoleW
ExitProcess
SetLastError
RegGetKeySecurity
ConvertAccessToSecurityDescriptorW
BuildExplicitAccessWithNameW
GetSecurityDescriptorOwner
BackupEventLogW
IsValidSecurityDescriptor
RegOpenUserClassesRoot
InitMUILanguage
FlatSB_SetScrollProp
OleCreateFontIndirect
OleIconToCursor
EnumerateSecurityPackagesW
AddSecurityPackageA
EnumerateSecurityPackagesA
AddSecurityPackageW
DrawTextA
GetWindowRect
EnableWindow
GetSysColorBrush
KillTimer
GetDlgItem
DialogBoxIndirectParamA
InvalidateRgn
IsDialogMessageA
RemoveMenu
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
5.12

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
2.0.44.0

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x0017

CharacterSet
Unicode

InitializedDataSize
36864

OriginalFilename
mt_masktools.dll

MIMEType
application/octet-stream

LegalCopyright
Copyright (C) 2005

FileVersion


TimeStamp
2009:06:05 20:03:57+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
Masktools 2.0

ProductVersion


FileDescription
Masktools Dynamic Link Library

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CodeSize
49152

ProductName
Masktools Dynamic Link Library

ProductVersionNumber
2.0.44.0

EntryPoint
0xade0

ObjectFileType
Dynamic link library

File identification
MD5 f1abef9bd8240815ceaf97a7527318b2
SHA1 2d4dc1fe7a4a65144ccff784b0cb0e58215b2e95
SHA256 69750fdb05f2c5382aa6aff90f9bbe8861556cf75781eb0ae46e5212b7122fc9
ssdeep
1536:u98ArqtekvxJMnjC1zPe2ORRQIyrwvz65WmPC7YOEUk:jeexAjC1re2liz68mPC74

File size 76.0 KB ( 77824 bytes )
File type Win32 DLL
Magic literal
MS-DOS executable PE for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags
pedll

VirusTotal metadata
First submission 2010-09-12 21:31:19 UTC ( 3 years, 7 months ago )
Last submission 2013-03-06 04:35:05 UTC ( 1 year, 1 month ago )
File names Masktools 2.0
f1abef9bd8240815ceaf97a7527318b2
mt_masktools.dll
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!