× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 8087f3df8852cba06bc8c56035ce9b79e3043102f4125b0402744336211641c1
File name: apisetstub
Detection ratio: 0 / 66
Analysis date: 2018-06-21 00:14:29 UTC ( 9 months ago )
Trusted source! This file belongs to the Microsoft Corporation software catalogue.
Antivirus Result Update
ALYac 20180620
AVG 20180620
AVware 20180620
Ad-Aware 20180620
AegisLab 20180620
AhnLab-V3 20180620
Antiy-AVL 20180621
Arcabit 20180620
Avast 20180620
Avast-Mobile 20180620
Avira (no cloud) 20180620
Babable 20180406
Baidu 20180620
BitDefender 20180620
Bkav 20180620
CAT-QuickHeal 20180620
CMC 20180620
ClamAV 20180620
Comodo 20180620
CrowdStrike Falcon (ML) 20180530
Cylance 20180621
Cyren 20180620
DrWeb 20180620
ESET-NOD32 20180620
Emsisoft 20180620
Endgame 20180612
F-Prot 20180620
F-Secure 20180620
Fortinet 20180620
GData 20180620
Sophos ML 20180601
Jiangmin 20180621
K7AntiVirus 20180620
K7GW 20180620
Kaspersky 20180620
Kingsoft 20180621
MAX 20180621
Malwarebytes 20180620
McAfee 20180621
McAfee-GW-Edition 20180620
eScan 20180621
Microsoft 20180621
NANO-Antivirus 20180620
Palo Alto Networks (Known Signatures) 20180621
Panda 20180620
Qihoo-360 20180621
Rising 20180620
SUPERAntiSpyware 20180620
SentinelOne (Static ML) 20180618
Sophos AV 20180620
Symantec 20180620
TACHYON 20180620
Tencent 20180621
TheHacker 20180619
TotalDefense 20180620
TrendMicro 20180621
TrendMicro-HouseCall 20180620
VBA32 20180620
VIPRE 20180620
ViRobot 20180620
Webroot 20180621
Yandex 20180620
Zillya 20180620
ZoneAlarm by Check Point 20180620
Zoner 20180620
eGambit 20180621
Alibaba 20180620
Cybereason 20180225
Symantec Mobile Insight 20180619
Trustlook 20180621
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows command line subsystem that targets 64bit architectures.
Authenticode signature block and FileVersionInfo properties
Copyright
© Microsoft Corporation. All rights reserved.

Product Microsoft® Windows® Operating System
Original name apisetstub
Internal name apisetstub
File version 10.0.9904.0 (fbl_refactor.141207-1750)
Description ApiSet Stub DLL
Signature verification Signed file, verified signature
Signing date 5:32 AM 6/14/2016
Signers
[+] Microsoft Corporation
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer Microsoft Code Signing PCA
Valid from 6:42 PM 6/4/2015
Valid to 6:42 PM 9/4/2016
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint 3BDA323E552DB1FDE5F4FBEE75D6D5B2B187EEDC
Serial number 33 00 00 01 0A 2C 79 AE D7 79 7B A6 AC 00 01 00 00 01 0A
[+] Microsoft Code Signing PCA
Status Valid
Issuer Microsoft Root Certificate Authority
Valid from 11:19 PM 8/31/2010
Valid to 11:29 PM 8/31/2020
Valid usage All
Algorithm sha1RSA
Thumbprint 3CAF9BA2DB5570CAF76942FF99101B993888E257
Serial number 61 33 26 1A 00 00 00 00 00 31
[+] Microsoft Root Certificate Authority
Status Valid
Issuer Microsoft Root Certificate Authority
Valid from 12:19 AM 5/10/2001
Valid to 12:28 AM 5/10/2021
Valid usage All
Algorithm sha1RSA
Thumbprint CDD4EEAE6000AC7F40C3802C171E30148030C072
Serial number 79 AD 16 A1 4A A0 A5 AD 4C 73 58 F4 07 13 2E 65
Counter signers
[+] Microsoft Time-Stamp Service
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer Microsoft Time-Stamp PCA
Valid from 8:21 PM 3/30/2016
Valid to 8:21 PM 6/30/2017
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 838C7B8BC3FA060AFB25993A19B9A76AE7E06230
Serial number 33 00 00 00 9D 42 68 EE 31 1C D7 56 BD 00 00 00 00 00 9D
[+] Microsoft Time-Stamp PCA
Status Valid
Issuer Microsoft Root Certificate Authority
Valid from 1:53 PM 4/3/2007
Valid to 2:03 PM 4/3/2021
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 375FCB825C3DC3752A02E34EB70993B4997191EF
Serial number 61 16 68 34 00 00 00 00 00 1C
[+] Microsoft Root Certificate Authority
Status Valid
Issuer Microsoft Root Certificate Authority
Valid from 12:19 AM 5/10/2001
Valid to 12:28 AM 5/10/2021
Valid usage All
Algorithm sha1RSA
Thumbrint CDD4EEAE6000AC7F40C3802C171E30148030C072
Serial number 79 AD 16 A1 4A A0 A5 AD 4C 73 58 F4 07 13 2E 65
PE header basic information
Target machine x64
Compilation timestamp 2014-12-08 07:49:59
Number of sections 2
PE sections
Overlays
MD5 22dbf65176c9ca894be71f557ed2b149
File type data
Offset 3072
Size 16184
Entropy 7.41
PE exports
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
10.0

LinkerVersion
12.1

ImageVersion
10.0

FileSubtype
0

FileVersionNumber
10.0.9904.0

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
2048

EntryPoint
0x0000

OriginalFileName
apisetstub

MIMEType
application/octet-stream

LegalCopyright
Microsoft Corporation. All rights reserved.

FileVersion
10.0.9904.0 (fbl_refactor.141207-1750)

TimeStamp
2014:12:08 08:49:59+01:00

FileType
Win64 DLL

PEType
PE32+

InternalName
apisetstub

ProductVersion
10.0.9904.0

FileDescription
ApiSet Stub DLL

OSVersion
10.0

FileOS
Windows NT 32-bit

Subsystem
Windows command line

MachineType
AMD AMD64

CompanyName
Microsoft Corporation

CodeSize
0

ProductName
Microsoft Windows Operating System

ProductVersionNumber
10.0.9904.0

FileTypeExtension
dll

ObjectFileType
Dynamic link library

CarbonBlack CarbonBlack acts as a surveillance camera for computers
Compressed bundles
File identification
MD5 bd57d75143b23c9992f33300c95300ed
SHA1 b1387d50180d60778dbe414dfc7e4e36b8558b3b
SHA256 8087f3df8852cba06bc8c56035ce9b79e3043102f4125b0402744336211641c1
ssdeep
384:ymaFZa/BGWBhWZJA0GftpBj8x9ERHRN7zxllgeDh3:ymaFZa/Bpciax9EBzxIi

authentihash 8b48dc706a7a54d4ade695ad2484394915ea619097107ffc8f57d0d879bacb00
File size 18.8 KB ( 19256 bytes )
File type Win32 DLL
Magic literal
PE32+ executable for MS Windows (DLL) (console)

TrID OS/2 Executable (generic) (33.6%)
Generic Win/DOS Executable (33.1%)
DOS Executable Generic (33.1%)
Tags
64bits pedll signed trusted overlay

Trusted verdicts
This file belongs to the Microsoft Corporation software catalogue. The file is often found with filCF325C11626A7CB41B098971DAC0F55F as its name.
VirusTotal metadata
First submission 2016-06-28 14:38:14 UTC ( 2 years, 8 months ago )
Last submission 2017-05-24 15:21:08 UTC ( 1 year, 9 months ago )
File names CM_FH_a9cf908_api_ms_win_core_localization_obsolete_l1_2_0.dll
fil97C43289B687BA738FDF25233863518B
api-ms-win-core-localization-obsolete-l1-2-0.dll
api-ms-win-core-localization-obsolete-l1-2-0.dll
filCB75D356DCE9FB8EF9B058323EEA25AC
api-ms-win-core-localization-obsolete-l1-2-0.dll
fil5B413354293E1ACCA958A548CF49DCE5
fil1436A33DD94FF66C0A3AA1A48DFCA6D4
fil27B4D769E57A39B85A6F10DA37E938AB
api-ms-win-core-localization-obsolete-l1-2-0.dll
filF5F523C727D375186D0650DACB52ED5D
fil6FE85DF6446E47440AA55D96209FE3ED
filA81D07CF4BA9C438C42A3472D5650ACB
filCF325C11626A7CB41B098971DAC0F55F
api-ms-win-core-localization-obsolete-l1-2-0.dll
api-ms-win-core-localization-obsolete-l1-2-0.dll
api-ms-win-core-localization-obsolete-l1-2-0.dll
apisetstub
api-ms-win-core-localization-obsolete-l1-2-0.dll
sbs_ve_ambr_20170511210042.205_ 211034
filB9DD2CAED61BEFA8F27C6BEE33D710F4
filFB035C3FE0DF8D4E320A6BE00C4854D2
fil6CE5FB19E508A68B1D705907619F45C9
api-ms-win-core-localization-obsolete-l1-2-0.dll
api-ms-win-core-localization-obsolete-l1-2-0.dll
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!