× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 74d0cc4d5412b7147256791f2d8ec00f26a109f59e802828a19c787bb3f53bda
File name: hupoas.dll
Detection ratio: 8 / 57
Analysis date: 2016-09-30 09:25:48 UTC ( 2 years, 4 months ago ) View latest
Antivirus Result Update
Baidu Win32.Trojan.WisdomEyes.151026.9950.9999 20160930
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20160725
Sophos ML virus.win32.ramnit.ah 20160928
Panda Trj/Locky.A 20160929
Qihoo-360 HEUR/QVM40.1.0000.Malware.Gen 20160930
Rising Malware.Generic!Lv0ww11p7xB@2 (thunder) 20160930
Symantec Heur.AdvML.B 20160930
Tencent Win32.Trojan.Raas.Auto 20160930
Ad-Aware 20160930
AegisLab 20160930
AhnLab-V3 20160930
Alibaba 20160930
ALYac 20160930
Antiy-AVL 20160930
Arcabit 20160930
Avast 20160930
AVG 20160930
Avira (no cloud) 20160930
AVware 20160930
BitDefender 20160930
Bkav 20160930
CAT-QuickHeal 20160930
ClamAV 20160930
CMC 20160930
Comodo 20160930
Cyren 20160930
DrWeb 20160930
Emsisoft 20160930
ESET-NOD32 20160930
F-Prot 20160926
F-Secure 20160930
Fortinet 20160930
GData 20160930
Ikarus 20160930
Jiangmin 20160930
K7AntiVirus 20160930
K7GW 20160930
Kaspersky 20160930
Kingsoft 20160930
Malwarebytes 20160930
McAfee 20160930
McAfee-GW-Edition 20160929
Microsoft 20160930
eScan 20160930
NANO-Antivirus 20160930
nProtect 20160930
Sophos AV 20160930
SUPERAntiSpyware 20160930
TheHacker 20160930
TrendMicro 20160930
TrendMicro-HouseCall 20160930
VBA32 20160929
VIPRE 20160930
ViRobot 20160930
Yandex 20160929
Zillya 20160929
Zoner 20160930
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows command line subsystem.
FileVersionInfo properties
Copyright
Copyright (C) 2012

Product iAd
Original name iAdCore.dll
Internal name iAdCore.dll
File version 1.0.0.1
Description iAd Core
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-09-30 07:00:38
Entry Point 0x00009D80
Number of sections 9
PE sections
PE imports
GetSidSubAuthorityCount
InitializeSid
GetObjectType
GetComputerNameExA
GetModuleFileNameW
CompareStringW
GetDateFormatA
GetWindowsDirectoryW
RemoveDirectoryW
FindNextVolumeA
lstrcmpiA
GetTapeStatus
lstrcmpiW
FindAtomA
FormatMessageA
FreeConsole
EnumResourceTypesW
FindAtomW
QueueUserAPC
BeginUpdateResourceA
glPixelMapusv
glTexGenf
glNormal3s
glScalef
glEnd
glGetTexLevelParameteriv
glGetBooleanv
glPopAttrib
glTexCoord2fv
glVertexPointer
glTexCoord3iv
glColor3ui
glGetMaterialfv
glMap1d
InflateRect
GetWindowRect
GetForegroundWindow
GetClassNameW
GetKeyboardLayoutNameA
RtmLockRoute
RtmDeregisterEntity
RtmIsMarkedForChangeNotification
RtmCreateNextHopEnum
RtmGetEnumNextHops
RtmLockDestination
RtmGetNextHopPointer
RtmCreateRouteListEnum
RtmReferenceHandles
RtmGetLessSpecificDestination
RtmReleaseRouteInfo
RtmHoldDestination
RtmGetChangeStatus
RtmInvokeMethod
RtmGetOpaqueInformationPointer
RtmAddNextHop
RtmReleaseNextHops
RtmReleaseDests
RtmDeregisterFromChangeNotification
RtmFindNextHop
RtmGetNextHopInfo
RtmCreateRouteEnum
RtmIgnoreChangedDests
RtmMarkDestForChangeNotification
RtmReleaseRoutes
RtmGetRegisteredEntities
RtmInsertInRouteList
RtmCreateDestEnum
RtmIsBestRoute
PE exports
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
7.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.0.0.1

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
163840

EntryPoint
0x9d80

OriginalFileName
iAdCore.dll

MIMEType
application/octet-stream

LegalCopyright
Copyright (C) 2012

FileVersion
1.0.0.1

TimeStamp
2016:09:30 08:00:38+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
iAdCore.dll

ProductVersion
1.0.0.1

FileDescription
iAd Core

OSVersion
4.0

FileOS
Windows NT 32-bit

Subsystem
Windows command line

MachineType
Intel 386 or later, and compatibles

CompanyName
Apple, Inc

CodeSize
40960

ProductName
iAd

ProductVersionNumber
1.0.0.1

FileTypeExtension
dll

ObjectFileType
Dynamic link library

Compressed bundles
File identification
MD5 5459db7d189e4394c274db181381f6c9
SHA1 e6cdb49f65d61e2565c2e2f23de5e3dae60a6b2f
SHA256 74d0cc4d5412b7147256791f2d8ec00f26a109f59e802828a19c787bb3f53bda
ssdeep
3072:smzwtAoIOiNEinkA94ktKVvI6BtDsqYckoFiArlIJPn3rreBUh:Gt1TExZ94ktsvI6BAGFJSNb6B

authentihash 0938dc0d6aad178729b054a89bf60ecc22c905ef90fda6d4978e7e91fe0d4760
imphash fad35a712ccd84f517c377d49ba036ab
File size 208.0 KB ( 212992 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (console) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Tags
pedll

VirusTotal metadata
First submission 2016-09-30 09:25:48 UTC ( 2 years, 4 months ago )
Last submission 2016-09-30 14:05:04 UTC ( 2 years, 4 months ago )
File names iAdCore.dll
hupoas.dll
5459db7d189e4394c274db181381f6c9
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!