× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 71c65315f99271930086802d8589117e7595c1a9d6ac450b51698f3df3e7ec81
File name: dXCtrls.dll
Detection ratio: 2 / 47
Analysis date: 2013-06-20 01:44:00 UTC ( 10 months, 1 week ago ) View latest
Probably harmless! There are strong indicators suggesting that this file is safe to use.
Antivirus Result Update
TrendMicro PAK_Generic.001 20130620
TrendMicro-HouseCall PAK_Generic.001 20130620
AVG 20130620
Agnitum 20130619
AhnLab-V3 20130619
AntiVir 20130620
Antiy-AVL 20130619
Avast 20130620
BitDefender 20130620
ByteHero 20130613
CAT-QuickHeal 20130619
ClamAV 20130620
Commtouch 20130619
Comodo 20130619
DrWeb 20130620
ESET-NOD32 20130619
Emsisoft 20130620
F-Prot 20130620
F-Secure 20130620
Fortinet 20130620
GData 20130620
Ikarus 20130620
Jiangmin 20130619
K7AntiVirus 20130619
K7GW 20130619
Kaspersky 20130620
Kingsoft 20130506
Malwarebytes 20130619
McAfee 20130620
McAfee-GW-Edition 20130620
MicroWorld-eScan 20130620
Microsoft 20130620
NANO-Antivirus 20130620
Norman 20130619
PCTools 20130521
Panda 20130619
Rising 20130619
SUPERAntiSpyware 20130619
Sophos 20130620
Symantec 20130620
TheHacker 20130619
TotalDefense 20130619
VBA32 20130619
VIPRE 20130620
ViRobot 20130619
eSafe 20130616
nProtect 20130619
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
Authenticode signature block
Copyright
Copyright 1997

Product controls Module
Original name CONTROLS.DLL
Internal name CONTROLS
File version 1, 0, 0, 1
Description controls Module
Packers identified
F-PROT UPX
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2000-04-18 08:28:36
Link date 9:28 AM 4/18/2000
Entry Point 0x00043380
Number of sections 3
PE sections
PE imports
RegCloseKey
ImageList_Draw
PatBlt
LoadLibraryA
GetProcAddress
ShellExecuteA
timeSetEvent
WriteClassStm
PE exports
Number of PE resources by type
RT_BITMAP 9
REGISTRY 6
RT_DIALOG 1
RT_GROUP_CURSOR 1
TYPELIB 1
RT_STRING 1
RT_CURSOR 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL DEFAULT 11
RUSSIAN 5
ENGLISH US 3
NEUTRAL 2
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
6.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.0.0.1

UninitializedDataSize
200704

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
53248

FileOS
Win32

MIMEType
application/octet-stream

LegalCopyright
Copyright 1997

FileVersion
1, 0, 0, 1

TimeStamp
2000:04:18 09:28:36+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
CONTROLS

FileAccessDate
2013:12:18 00:44:59+01:00

ProductVersion
1, 0, 0, 1

FileDescription
controls Module

OSVersion
4.0

FileCreateDate
2013:12:18 00:44:59+01:00

OriginalFilename
CONTROLS.DLL

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CodeSize
73728

ProductName
controls Module

ProductVersionNumber
1.0.0.1

EntryPoint
0x43380

ObjectFileType
Dynamic link library

File identification
MD5 742f07a053b3886b62fdf7fc570b1f5a
SHA1 70ccd57cc1bf9c5c4fef43d19a173398a7f12704
SHA256 71c65315f99271930086802d8589117e7595c1a9d6ac450b51698f3df3e7ec81
ssdeep
3072:7JXooFjVxzZSRP9bC5pjKolvOPYgYVNpw:dXooFjPwRP9bC5pjKkerYVN

File size 121.5 KB ( 124416 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID UPX compressed Win32 Executable (42.3%)
Win32 EXE Yoda's Crypter (36.7%)
Win32 Dynamic Link Library (generic) (9.1%)
Win32 Executable (generic) (6.2%)
Generic Win/DOS Executable (2.7%)
Tags
nsrl pedll upx

VirusTotal metadata
First submission 2009-02-26 10:17:42 UTC ( 5 years, 1 month ago )
Last submission 2013-12-17 23:44:54 UTC ( 4 months, 1 week ago )
File names dXCtrls.dll
742F07A053B3886B62FDF7FC570B1F5A
CONTROLS
vti-rescan
CONTROLS.DLL
smona_71c65315f99271930086802d8589117e7595c1a9d6ac450b51698f3df3e7ec81.bin
National Software Reference Library (NIST)
The National Software Reference Library (NSRL) is designed to collect software from various sources and incorporate file profiles computed from this software into a reference data set of information. This file was found in the NSRL dataset, in the following products and with the following file names.
Products Mobile Phone Tools 2003 (TradeTouch.com inc.)
File names F133133_dXCtrls.dll
Advanced heuristic and reputation engines
ClamAV PUA
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: http://www.clamav.net/index.php?s=pua&lang=en .

Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!