× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 7c9f2c2aeb0b3f06784bab6ebada5466b81007742a283c10f12822e3d67754df
File name: mcafeemss_ie.dll
Detection ratio: 1 / 67
Analysis date: 2018-03-07 22:21:16 UTC ( 1 year, 1 month ago )
Antivirus Result Update
Jiangmin WebToolbar.MSIL.qfl 20180307
Ad-Aware 20180307
AegisLab 20180307
AhnLab-V3 20180307
Alibaba 20180307
ALYac 20180307
Antiy-AVL 20180307
Arcabit 20180307
Avast 20180307
Avast-Mobile 20180307
AVG 20180307
Avira (no cloud) 20180307
AVware 20180307
Baidu 20180307
BitDefender 20180307
Bkav 20180307
CAT-QuickHeal 20180307
ClamAV 20180307
CMC 20180307
Comodo 20180307
CrowdStrike Falcon (ML) 20170201
Cybereason 20180225
Cylance 20180307
Cyren 20180307
DrWeb 20180307
eGambit 20180307
Emsisoft 20180307
Endgame 20180303
ESET-NOD32 20180307
F-Prot 20180307
F-Secure 20180307
Fortinet 20180307
GData 20180307
Ikarus 20180307
Sophos ML 20180121
K7AntiVirus 20180307
K7GW 20180307
Kaspersky 20180307
Kingsoft 20180307
Malwarebytes 20180307
MAX 20180307
McAfee 20180307
McAfee-GW-Edition 20180307
Microsoft 20180307
eScan 20180307
NANO-Antivirus 20180307
nProtect 20180307
Palo Alto Networks (Known Signatures) 20180307
Panda 20180307
Qihoo-360 20180307
Rising 20180307
SentinelOne (Static ML) 20180225
Sophos AV 20180307
SUPERAntiSpyware 20180307
Symantec 20180307
Symantec Mobile Insight 20180306
Tencent 20180307
TheHacker 20180307
TotalDefense 20180307
TrendMicro 20180307
TrendMicro-HouseCall 20180307
Trustlook 20180307
VBA32 20180307
VIPRE 20180307
ViRobot 20180307
Webroot 20180307
WhiteArmor 20180223
Yandex 20180307
Zillya 20180307
ZoneAlarm by Check Point 20180307
Zoner 20180307
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
Copyright © 2011 McAfee, Inc.

Product McAfee Security Scanner +
Original name McAfeeMSS_IE.dll
Internal name McAfeeMSS_IE
File version 3,0,318,0
Description Quick Browser Identifier for MSS+ Tool
Signature verification Signed file, verified signature
Signing date 4:47 PM 2/5/2013
Signers
[+] McAfee, Inc.
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer VeriSign Class 3 Code Signing 2004 CA
Valid from 1:00 AM 10/6/2011
Valid to 12:59 AM 1/1/2014
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint 1C26E2037C8E205B452CAB3565D696512207D66B
Serial number 68 A5 C8 47 24 52 E9 8D 42 54 88 C3 98 1C 28 F8
[+] VeriSign Class 3 Code Signing 2004 CA
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer Class 3 Public Primary Certification Authority
Valid from 1:00 AM 7/16/2004
Valid to 12:59 AM 7/16/2014
Valid usage Client Auth, Code Signing
Algorithm sha1RSA
Thumbprint 197A4AEBDB25F0170079BB8C73CB2D655E0018A4
Serial number 41 91 A1 5A 39 78 DF CF 49 65 66 38 1D 4C 75 C2
[+] VeriSign Class 3 Public Primary CA
Status Valid
Issuer Class 3 Public Primary Certification Authority
Valid from 1:00 AM 1/29/1996
Valid to 12:59 AM 8/2/2028
Valid usage Email Protection, Client Auth, Code Signing, Server Auth
Algorithm md2RSA
Thumbprint 742C3192E607E424EB4549542BE1BBC53E6174E2
Serial number 70 BA E4 1D 10 D9 29 34 B6 38 CA 7B 03 CC BA BF
Counter signers
[+] Symantec Time Stamping Services Signer - G4
Status Valid
Issuer Symantec Time Stamping Services CA - G2
Valid from 1:00 AM 10/18/2012
Valid to 12:59 AM 12/30/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 65439929B67973EB192D6FF243E6767ADF0834E4
Serial number 0E CF F4 38 C8 FE BF 35 6E 04 D8 6A 98 1B 1A 50
[+] Symantec Time Stamping Services CA - G2
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 12/21/2012
Valid to 12:59 AM 12/31/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 6C07453FFDDA08B83707C09B82FB3D15F35336B1
Serial number 7E 93 EB FB 7C C6 4E 59 EA 4B 9A 77 D4 06 FC 3B
[+] Thawte Timestamping CA
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 1/1/1997
Valid to 12:59 AM 1/1/2021
Valid usage Timestamp Signing
Algorithm md5RSA
Thumbrint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-02-05 15:41:25
Entry Point 0x000078AA
Number of sections 5
PE sections
Overlays
MD5 08e84e9c16b42af301d6c9bb426c12ff
File type data
Offset 86016
Size 8096
Entropy 7.40
PE imports
RegCreateKeyExW
RegDeleteValueW
RegCloseKey
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegOpenKeyExW
RegDeleteKeyW
SetThreadLocale
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
GetStdHandle
EnterCriticalSection
LCMapStringW
SetHandleCount
GetModuleFileNameW
FreeLibrary
QueryPerformanceCounter
HeapDestroy
GetTickCount
DisableThreadLibraryCalls
TlsAlloc
GetOEMCP
GetEnvironmentStringsW
lstrcmpiW
RtlUnwind
lstrlenW
IsProcessorFeaturePresent
DeleteCriticalSection
GetCurrentProcess
SizeofResource
GetThreadLocale
DecodePointer
GetCurrentProcessId
UnhandledExceptionFilter
GetCPInfo
ExitProcess
LoadLibraryExW
MultiByteToWideChar
GetStartupInfoW
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
HeapSize
RaiseException
WideCharToMultiByte
LoadLibraryW
TlsFree
SetUnhandledExceptionFilter
WriteFile
GetSystemTimeAsFileTime
GetACP
HeapReAlloc
GetStringTypeW
GetModuleHandleW
HeapAlloc
IsDebuggerPresent
TerminateProcess
GetModuleFileNameA
TlsGetValue
IsValidCodePage
LoadResource
FindResourceW
InterlockedDecrement
Sleep
GetFileType
TlsSetValue
EncodePointer
GetCurrentThreadId
LeaveCriticalSection
HeapCreate
SetLastError
InterlockedIncrement
LoadRegTypeLib
SysStringLen
UnRegisterTypeLib
RegisterTypeLib
VariantClear
SysAllocString
DispCallFunc
LoadTypeLib
SysFreeString
VariantInit
VarUI4FromStr
CharNextW
CoTaskMemFree
CoTaskMemRealloc
CoCreateInstance
CoTaskMemAlloc
StringFromGUID2
PE exports
Number of PE resources by type
REGISTRY 2
RT_MANIFEST 1
TYPELIB 1
RT_STRING 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 6
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

InitializedDataSize
35328

ImageVersion
0.0

ProductName
McAfee Security Scanner +

FileVersionNumber
3.0.318.0

LanguageCode
English (U.S.)

FileFlagsMask
0x0017

FileDescription
Quick Browser Identifier for MSS+ Tool

CharacterSet
Unicode

LinkerVersion
10.0

FileTypeExtension
dll

OriginalFileName
McAfeeMSS_IE.dll

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
3,0,318,0

TimeStamp
2013:02:05 16:41:25+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
McAfeeMSS_IE

ProductVersion
3,0,0,0

SubsystemVersion
5.1

OSVersion
5.1

FileOS
Win32

LegalCopyright
Copyright 2011 McAfee, Inc.

MachineType
Intel 386 or later, and compatibles

CompanyName
McAfee, Inc.

CodeSize
49664

FileSubtype
0

ProductVersionNumber
3.0.0.0

EntryPoint
0x78aa

ObjectFileType
Dynamic link library

File identification
MD5 df19743e391eee961ddf983f5f45b5dc
SHA1 2e78ba44842c289a823630e7250809656e008239
SHA256 7c9f2c2aeb0b3f06784bab6ebada5466b81007742a283c10f12822e3d67754df
ssdeep
1536:YMzRV4W0gUelzDlFhSX2w1/ekouylBCZcmx:PtV4WyezeX2w1muylBCt

authentihash 511e8197097ccc48f763a89add94d7bbf9bc8cd3fc8ae3800b60c130429a1ebc
imphash 656caea0f8aacbf3a0e65f2f107cb59a
File size 91.9 KB ( 94112 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID DirectShow filter (51.1%)
Windows ActiveX control (29.5%)
Win32 Executable MS Visual C++ (generic) (7.9%)
Win64 Executable (generic) (7.0%)
Win32 Dynamic Link Library (generic) (1.6%)
Tags
pedll signed overlay

VirusTotal metadata
First submission 2013-02-08 15:09:03 UTC ( 6 years, 2 months ago )
Last submission 2018-03-07 22:21:16 UTC ( 1 year, 1 month ago )
File names vt-upload-ELPWUv
McAfeeMSS_IE.dll
mcafeemss_ie.dll
mcafeemss_ie.dll
McAfeeMSS_IE.dll
McAfeeMSS_IE.dll
file-5238971_dll
mcafeemss_ie.dll
McAfeeMSS_IE.dll
mcafeemss_ie.dll
mcafeemss_ie.dll
McAfeeMSS_IE.dll
McAfeeMSS_IE
mcafeemss_ie.dll
McAfeeMSS_IE.dll
mcafeemss_ie.dll
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!