× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 6d74e553c3a6cc84589f01e4e35e6a3387093f35f2121f1f1979c076710d9de4
File name: fWk6epu1.dll
Detection ratio: 9 / 57
Analysis date: 2016-11-23 17:24:31 UTC ( 2 years, 2 months ago ) View latest
Antivirus Result Update
AegisLab Troj.W32.Gen.lNNz 20161123
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20161024
Fortinet W32/Kryptik.FKFC!tr 20161123
Sophos ML virus.win32.sality.at 20161018
McAfee-GW-Edition BehavesLike.Win32.Backdoor.cc 20161123
Qihoo-360 HEUR/QVM39.1.0000.Malware.Gen 20161123
Rising Malware.Generic!q2VF8cj8vuG@1 (thunder) 20161123
Symantec Heur.AdvML.B 20161123
Tencent Win32.Trojan.Raasj.Auto 20161123
Ad-Aware 20161123
AhnLab-V3 20161123
Alibaba 20161123
ALYac 20161123
Antiy-AVL 20161123
Arcabit 20161123
Avast 20161123
AVG 20161123
Avira (no cloud) 20161123
AVware 20161123
Baidu 20161123
BitDefender 20161123
Bkav 20161123
CAT-QuickHeal 20161123
ClamAV 20161123
CMC 20161123
Comodo 20161122
Cyren 20161123
DrWeb 20161123
Emsisoft 20161123
ESET-NOD32 20161123
F-Prot 20161123
F-Secure 20161123
GData 20161123
Ikarus 20161123
Jiangmin 20161123
K7AntiVirus 20161123
K7GW 20161123
Kaspersky 20161123
Kingsoft 20161123
Malwarebytes 20161123
McAfee 20161123
Microsoft 20161123
eScan 20161123
NANO-Antivirus 20161123
nProtect 20161123
Panda 20161123
Sophos AV 20161123
SUPERAntiSpyware 20161123
TheHacker 20161122
TotalDefense 20161123
TrendMicro 20161123
TrendMicro-HouseCall 20161123
Trustlook 20161123
VBA32 20161123
VIPRE 20161123
ViRobot 20161123
WhiteArmor 20161018
Yandex 20161123
Zillya 20161122
Zoner 20161123
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright 1994-2014 Paragon Software Group

Product Paragon System Utilities
Original name accessiblelib.dll
Internal name accessiblelib.dll
File version 10.1.25.377
Description A part of Paragon System Utilities
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-11-23 15:50:41
Entry Point 0x000051F6
Number of sections 8
PE sections
PE imports
SetThreadLocale
GetStdHandle
WaitForSingleObject
HeapDestroy
GetFileAttributesW
GetLocalTime
DeleteCriticalSection
GetCurrentProcess
LocalAlloc
UnhandledExceptionFilter
OpenFileMappingA
GetLocaleInfoW
WideCharToMultiByte
GetDiskFreeSpaceW
InterlockedExchange
WriteFile
SetEvent
LocalFree
FormatMessageW
InitializeCriticalSection
OutputDebugStringW
FindClose
InterlockedDecrement
GetFullPathNameW
OutputDebugStringA
SetLastError
GetUserDefaultUILanguage
GetEnvironmentVariableA
GlobalFindAtomW
RemoveDirectoryW
TryEnterCriticalSection
IsDebuggerPresent
HeapAlloc
GetModuleFileNameA
EnumSystemLocalesW
LoadLibraryExW
MultiByteToWideChar
EnumCalendarInfoW
GetPrivateProfileStringW
InterlockedExchangeAdd
GetSystemDefaultUILanguage
SetCurrentDirectoryW
VirtualQuery
VirtualQueryEx
SetEndOfFile
GetCurrentThreadId
InterlockedIncrement
HeapFree
EnterCriticalSection
LoadLibraryW
GetVersionExW
FreeLibrary
QueryPerformanceCounter
GetTickCount
TlsAlloc
VirtualProtect
LoadLibraryA
RtlUnwind
GetFileSize
DeleteFileA
GetDateFormatW
GetStartupInfoW
CreateDirectoryW
DeleteFileW
GetProcAddress
GetProcessHeap
CompareStringW
GetModuleFileNameW
ResetEvent
CreateFileMappingA
FindFirstFileW
IsValidLocale
CreateEventW
CreateFileW
TlsSetValue
CreateFileA
ExitProcess
LeaveCriticalSection
GetLastError
UnmapViewOfFile
GetSystemInfo
GetThreadLocale
lstrlenW
CreateProcessW
SwitchToThread
GetCurrentDirectoryW
GetCurrentProcessId
GetCommandLineW
GetCPInfo
HeapSize
InterlockedCompareExchange
WritePrivateProfileStringW
lstrcpynW
RaiseException
MapViewOfFile
TlsFree
SetFilePointer
ReadFile
CloseHandle
GetACP
GetModuleHandleW
GetCPInfoExW
GetLongPathNameW
TlsGetValue
HeapCreate
GetTempPathW
VirtualFree
Sleep
VirtualAlloc
Ord(161)
malloc
exit
free
Number of PE resources by type
RT_BITMAP 1
RT_VERSION 1
RT_RCDATA 1
Number of PE resources by language
ENGLISH US 3
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
5.0

LinkerVersion
8.0

ImageVersion
8.0

FileSubtype
0

FileVersionNumber
10.1.25.377

UninitializedDataSize
0

LanguageCode
Neutral

FileFlagsMask
0x0000

CharacterSet
Unicode

InitializedDataSize
182272

EntryPoint
0x51f6

OriginalFileName
accessiblelib.dll

MIMEType
application/octet-stream

LegalCopyright
Copyright 1994-2014 Paragon Software Group

FileVersion
10.1.25.377

TimeStamp
2016:11:23 16:50:41+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
accessiblelib.dll

ProductVersion
10.1.25.377

FileDescription
A part of Paragon System Utilities

OSVersion
5.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Paragon Software Group

CodeSize
22016

ProductName
Paragon System Utilities

ProductVersionNumber
10.1.25.377

FileTypeExtension
dll

ObjectFileType
Driver

Compressed bundles
File identification
MD5 f1794d7325a5a4f15840386cebc0dabf
SHA1 20101e43fb884584c689ae697102d1819a07417b
SHA256 6d74e553c3a6cc84589f01e4e35e6a3387093f35f2121f1f1979c076710d9de4
ssdeep
3072:AilPNd6TW8+7HqmacV0Jv4Xo3kzCzqA8wljnRu:f6F+TqmJWv4Xikzsj

authentihash d852fd3fbaf39d90b877e36db62812b1af79b4a8476ca6bafc333d9574c9ad84
imphash 8b73414db5640234cfbe6f18d4aab392
File size 129.0 KB ( 132096 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (67.4%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags
pedll

VirusTotal metadata
First submission 2016-11-23 17:24:31 UTC ( 2 years, 2 months ago )
Last submission 2017-08-28 21:52:16 UTC ( 1 year, 5 months ago )
File names accessiblelib.dll
fWk6epu1.dll
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!