× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 7dcb938abd8ede86ea09f5eb36c27d10c9baf26f4ca008b1a29cfbf631f19135
File name: hupoas.dll
Detection ratio: 6 / 57
Analysis date: 2016-09-29 13:37:46 UTC ( 10 months, 4 weeks ago ) View latest
Antivirus Result Update
Baidu Win32.Trojan.WisdomEyes.151026.9950.9975 20160929
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20160725
Sophos ML virus.win32.ramnit.ah 20160928
Kaspersky UDS:DangerousObject.Multi.Generic 20160929
Symantec Heur.AdvML.B 20160929
Tencent Win32.Trojan.Raas.Auto 20160929
Ad-Aware 20160929
AegisLab 20160929
AhnLab-V3 20160929
Alibaba 20160929
ALYac 20160929
Antiy-AVL 20160929
Arcabit 20160929
Avast 20160929
AVG 20160929
Avira (no cloud) 20160929
AVware 20160929
BitDefender 20160929
Bkav 20160929
CAT-QuickHeal 20160929
ClamAV 20160929
CMC 20160928
Comodo 20160929
Cyren 20160929
DrWeb 20160929
Emsisoft 20160929
ESET-NOD32 20160929
F-Prot 20160926
F-Secure 20160929
Fortinet 20160929
GData 20160929
Ikarus 20160929
Jiangmin 20160929
K7AntiVirus 20160929
K7GW 20160929
Kingsoft 20160929
Malwarebytes 20160929
McAfee 20160929
McAfee-GW-Edition 20160929
Microsoft 20160929
eScan 20160929
NANO-Antivirus 20160927
nProtect 20160929
Panda 20160929
Qihoo-360 20160929
Rising 20160929
Sophos AV 20160929
SUPERAntiSpyware 20160929
TheHacker 20160927
TrendMicro 20160929
TrendMicro-HouseCall 20160929
VBA32 20160929
VIPRE 20160929
ViRobot 20160929
Yandex 20160928
Zillya 20160929
Zoner 20160929
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows command line subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-09-29 09:59:47
Entry Point 0x0000AAC0
Number of sections 8
PE sections
PE imports
GetSidSubAuthorityCount
InitializeSid
GetObjectType
GetComputerNameExA
RemoveDirectoryW
CompareStringW
GetDateFormatA
GetWindowsDirectoryW
GetModuleFileNameW
FindNextVolumeA
lstrcmpiA
GetTapeStatus
lstrcmpiW
FindAtomA
FormatMessageA
FreeConsole
EnumResourceTypesW
FindAtomW
QueueUserAPC
BeginUpdateResourceA
glPixelMapusv
glTexGenf
glNormal3s
glScalef
glEnd
glGetTexLevelParameteriv
glGetBooleanv
glPopAttrib
glTexCoord2fv
glVertexPointer
glTexCoord3iv
glColor3ui
glGetMaterialfv
glMap1d
InflateRect
GetWindowRect
GetForegroundWindow
GetClassNameW
GetKeyboardLayoutNameA
RtmLockRoute
RtmDeregisterEntity
RtmIsMarkedForChangeNotification
RtmCreateNextHopEnum
RtmGetEnumNextHops
RtmLockDestination
RtmGetNextHopPointer
RtmCreateRouteListEnum
RtmReferenceHandles
RtmGetLessSpecificDestination
RtmReleaseRouteInfo
RtmHoldDestination
RtmGetChangeStatus
RtmInvokeMethod
RtmGetOpaqueInformationPointer
RtmAddNextHop
RtmReleaseNextHops
RtmReleaseDests
RtmDeregisterFromChangeNotification
RtmFindNextHop
RtmGetNextHopInfo
RtmCreateRouteEnum
RtmIgnoreChangedDests
RtmMarkDestForChangeNotification
RtmReleaseRoutes
RtmGetRegisteredEntities
RtmInsertInRouteList
RtmCreateDestEnum
RtmIsBestRoute
PE exports
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows command line

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
dll

TimeStamp
2016:09:29 10:59:47+01:00

FileType
Win32 DLL

PEType
PE32

CodeSize
40960

LinkerVersion
8.0

EntryPoint
0xaac0

InitializedDataSize
163840

SubsystemVersion
4.0

ImageVersion
0.0

OSVersion
4.0

UninitializedDataSize
0

File identification
MD5 586aaaaf464be3a4598905b5f0587590
SHA1 8b2e604f0bcce0ea7a642c81eda1966d77af374e
SHA256 7dcb938abd8ede86ea09f5eb36c27d10c9baf26f4ca008b1a29cfbf631f19135
ssdeep
3072:vt/XpigSC9WGDYKlwkaZwzUTejImO5JmSdbLzkiky:hUIFbab0IZBzkix

authentihash 2a0f444d5f3aa13763e3b58eea0b9e9bddd30be57ac85f37a352d45dd6ee39a0
imphash 2e2da04d20a38c8618515513d1bee176
File size 204.0 KB ( 208896 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (console) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Tags
pedll

VirusTotal metadata
First submission 2016-09-29 11:01:44 UTC ( 10 months, 4 weeks ago )
Last submission 2016-10-13 08:58:39 UTC ( 10 months, 2 weeks ago )
File names hupoas.dll
7dcb938abd8ede86_hupoas.dll
aaaa
hupoas.-dll-
hupoas.dll
hupoas.dll
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!