SHA256: 7ccf27e873c3ce09052351e05adae5d9d3dfe9ac7fa363169b6e50159ff00da7
File name: 2edc6e7e2c7a8968ae4cfb9d6f6f09c7
Detection ratio: 9 / 67
Analysis date: 2018-06-15 11:01:35 UTC ( 6 months ago )
Antivirus Result Update
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9959 20180615
Comodo TrojWare.Win32.Trojan.XPack.~gen1 20180615
CrowdStrike Falcon (ML) malicious_confidence_80% (D) 20180530
Cylance Unsafe 20180615
Endgame malicious (high confidence) 20180612
Sophos ML heuristic 20180601
Microsoft Trojan:Win32/Fuerboos.A!cl 20180615
Qihoo-360 HEUR/QVM40.1.DC09.Malware.Gen 20180615
Symantec ML.Attribute.HighConfidence 20180615
Ad-Aware 20180615
AegisLab 20180615
AhnLab-V3 20180615
Alibaba 20180615
ALYac 20180615
Antiy-AVL 20180615
Arcabit 20180615
Avast 20180615
Avast-Mobile 20180614
AVG 20180615
Avira (no cloud) 20180615
AVware 20180615
Babable 20180406
BitDefender 20180615
Bkav 20180615
CAT-QuickHeal 20180615
ClamAV 20180615
CMC 20180614
Cybereason 20180225
Cyren 20180615
DrWeb 20180615
eGambit 20180615
Emsisoft 20180615
ESET-NOD32 20180615
F-Prot 20180615
F-Secure 20180615
Fortinet 20180615
GData 20180615
Ikarus 20180615
Jiangmin 20180615
K7AntiVirus 20180615
K7GW 20180615
Kaspersky 20180615
Kingsoft 20180615
Malwarebytes 20180615
MAX 20180615
McAfee 20180615
McAfee-GW-Edition 20180615
eScan 20180615
NANO-Antivirus 20180615
Palo Alto Networks (Known Signatures) 20180615
Panda 20180614
Rising 20180615
SentinelOne (Static ML) 20180225
Sophos AV 20180615
SUPERAntiSpyware 20180614
Symantec Mobile Insight 20180614
TACHYON 20180614
Tencent 20180615
TheHacker 20180613
TotalDefense 20180615
TrendMicro 20180615
TrendMicro-HouseCall 20180615
Trustlook 20180615
VBA32 20180615
VIPRE 20180615
ViRobot 20180615
Webroot 20180615
Yandex 20180615
Zillya 20180614
ZoneAlarm by Check Point 20180615
Zoner 20180615
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows command line subsystem.
FileVersionInfo properties
Copyright
Copyright (C) 2012-2013 TortoiseGit, Copyright (C) 2007-2012 TortoiseSVN

Product TortoiseGit
Original name apisetstub
Internal name TortoiseStub.dll
File version 6.1.76
Description TortoiseGit shell extension client
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-06-15 09:01:06
Entry Point 0x00001530
Number of sections 6
PE sections
PE imports
RegisterServiceCtrlHandlerExW
CreateRestrictedToken
DeleteObject
CreateRectRgn
SetupDiSetDeviceInstallParamsW
FindExecutableA
wnsprintfW
EmptyClipboard
MonitorFromRect
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 1
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
5.0

LinkerVersion
12.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
2.5.0.0

UninitializedDataSize
0

LanguageCode
Process default

FileFlagsMask
0x003f

CharacterSet
Windows, Latin1

InitializedDataSize
0

EntryPoint
0x1530

OriginalFileName
apisetstub

MIMEType
application/octet-stream

LegalCopyright
Copyright (C) 2012-2013 TortoiseGit, Copyright (C) 2007-2012 TortoiseSVN

FileVersion
6.1.76

TimeStamp
2018:06:15 10:01:06+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
TortoiseStub.dll

ProductVersion
2.5.0.0

FileDescription
TortoiseGit shell extension client

OSVersion
4.0

FileOS
Windows NT 32-bit

Subsystem
Windows command line

MachineType
Intel 386 or later, and compatibles

CompanyName
https://tortoisegit.org/

CodeSize
0

ProductName
TortoiseGit

ProductVersionNumber
2.5.0.0

FileTypeExtension
dll

ObjectFileType
Dynamic link library

File identification
MD5 2edc6e7e2c7a8968ae4cfb9d6f6f09c7
SHA1 299428972bb943d1ce46362cbe79682b4518471c
SHA256 7ccf27e873c3ce09052351e05adae5d9d3dfe9ac7fa363169b6e50159ff00da7
ssdeep
6144:cek9SHQMzXn7jLvwDWhVN/0z/RYX8D8ipxmPIWpP64bcoZPwJWRKHbV8U8CArr:ceFHD37jACvwpYXuHmjZZ4JpxZ8b

authentihash 319d58ee5cf383798f859a7f7e50f03f0572d21c940dd1a533fd6226e41ba9b6
imphash ce23b4b447c44f68ca4341ca0eb0fda8
File size 496.0 KB ( 507904 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (console) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
pedll

VirusTotal metadata
First submission 2018-06-15 11:01:35 UTC ( 6 months ago )
Last submission 2018-06-15 11:01:35 UTC ( 6 months ago )
File names apisetstub
TortoiseStub.dll