SHA256: 7857aee14778ed2af7918fd2ca4e09660347510bc7ae2d81646202adb8a9e3b1
File name: BROWSEUI.DLL
Detection ratio: 30 / 46
Analysis date: 2013-07-31 23:17:07 UTC ( 8 months, 2 weeks ago )
Antivirus Result Update
AVG Generic_s.BSH 20130731
AhnLab-V3 Trojan/Win32.Tepfer 20130731
AntiVir TR/Rogue.1116339 20130731
Antiy-AVL Trojan/Win32.Tepfer.gen 20130731
Avast Win32:Malware-gen 20130731
BitDefender Trojan.GenericKD.1116339 20130731
Comodo TrojWare.Win32.Agent.iesg 20130731
DrWeb Trojan.PWS.Siggen1.6250 20130801
ESET-NOD32 a variant of Win32/Kryptik.BFYV 20130731
Emsisoft Trojan.Win32.Agent (A) 20130801
F-Secure Trojan.GenericKD.1116339 20130731
Fortinet W32/Kelihos.BC!tr 20130801
GData Trojan.GenericKD.1116339 20130801
Ikarus Trojan-PWS.Win32.Tepfer 20130731
K7AntiVirus Trojan 20130731
K7GW Trojan 20130731
Kaspersky Trojan-PSW.Win32.Tepfer.nvye 20130731
Malwarebytes Trojan.FakeMS 20130731
McAfee Ransom-FAD!FBAD0969A3FE 20130731
McAfee-GW-Edition Ransom-FAD!FBAD0969A3FE 20130731
MicroWorld-eScan Trojan.GenericKD.1116339 20130731
NANO-Antivirus Trojan.Win32.Tepfer.bxxgdr 20130731
Norman Kelihos.TJU 20130731
PCTools Email-Worm.Waledac 20130731
Panda Trj/Genetic.gen 20130731
Sophos Mal/Generic-S 20130731
Symantec W32.Waledac.D!gen5 20130731
TrendMicro-HouseCall TROJ_GEN.F47V0716 20130731
VBA32 BScope.Malware-Cryptor.Mystig 20130730
VIPRE Win32.Malware!Drop 20130731
Agnitum 20130731
ByteHero 20130724
CAT-QuickHeal 20130731
ClamAV 20130731
Commtouch 20130731
F-Prot 20130731
Jiangmin 20130731
Kingsoft 20130723
Microsoft 20130731
Rising 20130731
SUPERAntiSpyware 20130731
TheHacker 20130731
TotalDefense 20130731
TrendMicro 20130731
ViRobot 20130731
nProtect 20130731
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
Authenticode signature block
Copyright
© Microsoft Corporation. All rights reserved.

Publisher Microsoft Corporation
Product Microsoft® Windows® Operating System
Version 6.00.3790.0
Original name BROWSEUI.DLL
Internal name BROWSEUI.DLL
File version 6.00.3790.0 (srv03_rtm.030324-2048)
Description Shell Browser UI Library
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2004-06-23 05:53:38
Entry Point 0x0000444E
Number of sections 4
PE sections
PE imports
GetCurrentProcess
TerminateProcess
SetUnhandledExceptionFilter
GetCurrentProcessId
GetModuleHandleA
InterlockedExchange
QueryPerformanceCounter
UnhandledExceptionFilter
GetStartupInfoA
Sleep
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetTickCount
GetCurrentThreadId
InterlockedCompareExchange
IUnknown_Release_Proxy
NdrOleAllocate
IUnknown_QueryInterface_Proxy
NdrStubCall2
NdrDllUnregisterProxy
NdrDllCanUnloadNow
NdrStubForwardingFunction
NdrDllGetClassObject
NdrOleFree
IUnknown_AddRef_Proxy
NdrDllRegisterProxy
NdrCStdStubBuffer2_Release
_amsg_exit
?terminate@@YAXXZ
_ismbblead
_acmdln
_exit
_adjust_fdiv
_chdir
__p__fmode
_cexit
_controlfp
exit
_XcptFilter
__getmainargs
_initterm
__setusermatherr
__p__commode
__set_app_type
Number of PE resources by type
RT_STRING 57
RT_HTML 17
RT_MENU 17
RT_DIALOG 6
RT_ACCELERATOR 2
RT_VERSION 1
Number of PE resources by language
ENGLISH US 100
File identification
MD5 fbad0969a3fe539fa048df9912b8c6d4
SHA1 8e6a57913373cb4b0b490886543d261574aad039
SHA256 7857aee14778ed2af7918fd2ca4e09660347510bc7ae2d81646202adb8a9e3b1
ssdeep
12288:xKGVJBYbJQKM/zhlR+UhLcJxuEkHnylPpooJk0lKXSta3fFsgc0Tg+6JdWYO2Rg:JYbPgzV+U12wyblKbpYgYWaV

File size 940.0 KB ( 962560 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (42.1%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags
peexe

VirusTotal metadata
First submission 2013-07-16 12:31:08 UTC ( 9 months ago )
Last submission 2013-07-16 19:01:30 UTC ( 9 months ago )
File names 8E6A57913373CB4B0B490886543D261574AAD039.exe
malekal_fbad0969a3fe539fa048df9912b8c6d4
rasta01.exe
file-5732264_exe
BROWSEUI.DLL
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight