SHA256: 74f26607c8e9a2b3abd6ed361af0527451e829878b95ff7a2614f5f1c185e9f1
File name: connectmgruiplugin.dll
Detection ratio: 0 / 46
Analysis date: 2013-04-01 22:04:12 UTC ( 5 years, 4 months ago )
Antivirus Result Update
Yandex 20130401
AhnLab-V3 20130401
AntiVir 20130401
Antiy-AVL 20130401
Avast 20130401
AVG 20130401
BitDefender 20130401
ByteHero 20130322
CAT-QuickHeal 20130401
ClamAV 20130401
Commtouch 20130401
Comodo 20130401
DrWeb 20130401
Emsisoft 20130401
eSafe 20130328
ESET-NOD32 20130401
F-Prot 20130401
F-Secure 20130401
Fortinet 20130401
GData 20130401
Ikarus 20130401
Jiangmin 20130331
K7AntiVirus 20130401
Kaspersky 20130401
Kingsoft 20130401
Malwarebytes 20130401
McAfee 20130401
McAfee-GW-Edition 20130401
Microsoft 20130402
eScan 20130402
NANO-Antivirus 20130401
Norman 20130401
nProtect 20130401
Panda 20130401
PCTools 20130401
Rising 20130328
Sophos AV 20130402
SUPERAntiSpyware 20130401
Symantec 20130401
TheHacker 20130401
TotalDefense 20130401
TrendMicro 20130401
TrendMicro-HouseCall 20130401
VBA32 20130330
VIPRE 20130402
ViRobot 20130401
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows command line subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2011-12-29 14:01:26
Entry Point 0x00001060
Number of sections 7
PE sections
PE imports
GetLastError
TlsGetValue
ReleaseSemaphore
CreateSemaphoreA
TlsFree
GetModuleHandleA
WaitForSingleObject
InterlockedDecrement
Sleep
CloseHandle
TlsAlloc
TlsSetValue
GetProcAddress
GetCurrentThreadId
SetLastError
InterlockedIncrement
_ZN7QObject10timerEventEP11QTimerEvent
_ZN7QObjectD2Ev
_ZN11QMetaObject8activateEP7QObjectPKS_iPPv
_ZN7QStringaSERKS_
_ZNK7QString7indexOfERKS_iN2Qt15CaseSensitivityE
_ZN7QString16codecForCStringsE
_ZN5QTime11currentTimeEv
_ZNK5QTime8toStringERK7QString
_ZN7QString16fromAscii_helperEPKci
_ZN8QVariantD1Ev
_ZN7QObject11eventFilterEPS_P6QEvent
_ZNK7QString11toLocal8BitEv
_ZN7QObject5eventEP6QEvent
_ZN7QObject10childEventEP11QChildEvent
_ZN7QObject7connectEPKS_PKcS1_S3_N2Qt14ConnectionTypeE
_ZNK7QStringeqERK13QLatin1String
_Z6qDebugPKcz
_ZN9QListData11shared_nullE
_Z5qFreePv
_ZN7QObject13connectNotifyEPKc
_ZN8QVariantC1ERK7QString
_ZN7QObject11customEventEP6QEvent
_ZN7QString11shared_nullE
_ZN9QListData7detach3Ev
_ZN7QString4freeEPNS_4DataE
_ZN11QMetaObject11removeGuardEPP7QObject
_ZN7QObject16disconnectNotifyEPKc
_ZN11QMetaObject11changeGuardEPP7QObjectS1_
_ZN9QListData6appendEv
_ZN7QObject11qt_metacastEPKc
_ZN7QObject16staticMetaObjectE
_ZN7QObject11qt_metacallEN11QMetaObject4CallEiPPv
_Z8qWarningPKcz
_ZNK7QStringeqERKS_
_ZN7QObject13setObjectNameERK7QString
_ZN7QObjectC2EPS_
_ZN7QString9fromAsciiEPKci
_ZN7QLayout18setContentsMarginsEiiii
_ZN10QBoxLayout9addWidgetEP7QWidgeti6QFlagsIN2Qt13AlignmentFlagEE
_ZN15QAbstractButton10setCheckedEb
_ZNK9QComboBox11currentTextEv
_ZN11QHBoxLayoutC1Ev
_ZN9QComboBoxC1EP7QWidget
_ZNK15QAbstractButton9isCheckedEv
_ZN12QRadioButtonC1EP7QWidget
_ZN7QWidget12setFixedSizeEii
_ZN9QGroupBoxC1EP7QWidget
_ZN10QBoxLayout10addStretchEi
_ZN7QWidget10setEnabledEb
_ZN9QComboBox5clearEv
_ZN9QComboBox15setCurrentIndexEi
_ZN7QWidget5closeEv
_ZN6QLabelC1EP7QWidget6QFlagsIN2Qt10WindowTypeEE
_ZN7QLayout17setSizeConstraintENS_14SizeConstraintE
_ZN7QWidget9setParentEPS_
_ZNK9QComboBox8findDataERK8QVarianti6QFlagsIN2Qt9MatchFlagEE
_ZN9QComboBox11insertItemsEiRK11QStringList
_ZN7QWidget9setLayoutEP7QLayout
_ZN7QWidget14setFixedHeightEi
_ZN7QWidgetC1EPS_6QFlagsIN2Qt10WindowTypeEE
_ZN6QLabel7setTextERK7QString
_ZN9QGroupBox8setTitleERK7QString
_ZN11QVBoxLayoutC1Ev
_ZNK9QComboBox5countEv
_ZN15QAbstractButton7setTextERK7QString
_ZN7QWidget4moveERK6QPoint
_ZNK9QComboBox12currentIndexEv
_ZN10QBoxLayout10addSpacingEi
_ZN7Startup18GetPluginContainerEv
_ZN11CommonUtils11GetSettingsE7QStringS0_
_ZN11CommonUtils11SetSettingsE7QStringS0_S0_
_ZN6Change2trERK7QStringS2_
_Unwind_SetIP
_Unwind_GetIPInfo
__emutls_get_address
__deregister_frame_info
_Unwind_GetTextRelBase
_Unwind_RaiseException
_Unwind_GetDataRelBase
_Unwind_Resume
__register_frame_info
_Unwind_GetLanguageSpecificData
_Unwind_GetRegionStart
_Unwind_SetGR
_Unwind_DeleteException
_Unwind_Resume_or_Rethrow
__mingwthr_key_dtor
fputc
malloc
strcpy
_errno
fwrite
__dllonexit
strcmp
fputs
abort
free
realloc
_write
fflush
sprintf
_iob
UTPS_DevSrv_RegisterDevInitEventCallback
UTPS_DevSrv_UnRegisterDevInitEventCallback
UTPS_NetConnectSrv_DSGetDialType
UTPS_DevSrv_GetDevStatus
UTPS_NetConnectSrv_DSGetDialMode
PE exports
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows command line
MachineType Intel 386 or later, and compatibles
TimeStamp 2011:12:29 15:01:26+01:00
FileType Win32 DLL
PEType PE32
CodeSize 68096
LinkerVersion 2.56
EntryPoint 0x1060
InitializedDataSize 118272
SubsystemVersion 4.0
ImageVersion 1.0
OSVersion 4.0
UninitializedDataSize 512

File identification
MD5 c891a7a6f08df14612bbd8fd5e80ecec
SHA1 b274c72086a4b044259bfea4a8cc55da7e3cdadd
SHA256 74f26607c8e9a2b3abd6ed361af0527451e829878b95ff7a2614f5f1c185e9f1
ssdeep 3072:2j9d/RtPS1b4Y/mS9odMTlk1wpYpUPkBX1:239Y/jZTkiMUPkB

File size 116.5 KB ( 119296 bytes )
File type Win32 DLL
Magic literal MS-DOS executable PE for MS Windows (DLL) (console) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (75.0%)
Win32 Executable Generic (16.9%)
Generic Win/DOS Executable (3.9%)
DOS Executable Generic (3.9%)
VXD Driver (0.0%)
Tags pedll

VirusTotal metadata
First submission 2013-04-01 22:04:12 UTC ( 5 years, 4 months ago )
Last submission 2013-04-01 22:04:12 UTC ( 5 years, 4 months ago )
File names vt-upload-mh4cf
connectmgruiplugin.dll
Behaviour characterization
Zemana dll-injection
