SHA256: 8170c29309c2c0a691dddf649973e0c40aff93ad64018864e8911803c28ea35d
File name: 7.dll
Detection ratio: 17 / 57
Analysis date: 2015-04-23 09:49:21 UTC ( 2 years, 7 months ago )
Antivirus Result Update
Avast Win32:Malware-gen 20150423
Avira (no cloud) TR/Crypt.ZPACK.132810 20150423
Baidu-International Trojan.Win32.Dridex.M 20150421
Bkav HW32.Packed.CED6 20150422
ESET-NOD32 Win32/Dridex.M 20150423
Ikarus Trojan.Win32.Dridex 20150423
K7AntiVirus Trojan ( 004baddc1 ) 20150423
K7GW Trojan ( 004baddc1 ) 20150423
Kaspersky Worm.Win32.Cridex.qx 20150423
Malwarebytes Trojan.Agent.EDG 20150423
McAfee Packed-EF!57B54E248588 20150423
Panda Generic Suspicious 20150423
Qihoo-360 HEUR/QVM40.1.Malware.Gen 20150423
Sophos AV Troj/Dridex-CS 20150423
Symantec WS.Reputation.1 20150423
Tencent Trojan.Win32.Qudamah.Gen.11 20150423
TrendMicro-HouseCall Suspicious_GEN.F47V0422 20150423
Ad-Aware 20150423
AegisLab 20150423
Yandex 20150422
AhnLab-V3 20150423
Alibaba 20150423
ALYac 20150423
Antiy-AVL 20150423
AVG 20150423
AVware 20150423
BitDefender 20150423
ByteHero 20150423
CAT-QuickHeal 20150423
ClamAV 20150423
CMC 20150423
Comodo 20150423
Cyren 20150423
DrWeb 20150423
Emsisoft 20150423
F-Prot 20150423
F-Secure 20150423
Fortinet 20150423
GData 20150423
Jiangmin 20150422
Kingsoft 20150423
McAfee-GW-Edition 20150422
Microsoft 20150423
eScan 20150423
NANO-Antivirus 20150422
Norman 20150423
nProtect 20150423
Rising 20150422
SUPERAntiSpyware 20150423
TheHacker 20150422
TotalDefense 20150425
TrendMicro 20150423
VBA32 20150423
VIPRE 20150423
ViRobot 20150423
Zillya 20150422
Zoner 20150422
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows command line subsystem.
FileVersionInfo properties
Copyright © ?????????? ??????????. ??? ????? ????????.
Product ???????????? ??????? Microsoft® Windows®
Original name Text3D
Internal name Text3D
File version 5.1.2600.5512 (xpsp.080413-2105)
Description ???????? "???????? ?????" (Direct3D)
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-04-22 10:19:10
Entry Point 0x00008410
Number of sections 20
PE sections
PE imports
PauseClusterNode
ClusterRegSetValue
GetClusterInformation
ClusterRegSetKeySecurity
OpenCluster
ClusterGroupCloseEnum
GetClusterResourceKey
ClusterNetworkEnum
RemoveClusterResourceDependency
ClusterNodeControl
ClusterRegOpenKey
ClusterOpenEnum
GetClusterFromNetInterface
SetClusterResourceName
GetClusterResourceTypeKey
GetPrivateProfileSectionNamesA
GetDriveTypeW
GetPrivateProfileSectionNamesW
CreateTapePartition
GetHandleInformation
SetInformationJobObject
GetTapeParameters
ReadFileScatter
EnumResourceLanguagesW
FindResourceExA
FindNextVolumeMountPointA
CheckRemoteDebuggerPresent
GetCPInfo
FindResourceExW
EnumResourceLanguagesA
SetFileAttributesA
SetConsoleCP
OutputDebugStringW
TlsGetValue
EnumUILanguagesW
GetSystemTime
ReadConsoleInputA
WriteProcessMemory
FindNextVolumeA
TryEnterCriticalSection
GetLargestConsoleWindowSize
SetConsoleActiveScreenBuffer
HeapAlloc
CreateSemaphoreA
LoadLibraryExW
DeleteTimerQueueTimer
SetNamedPipeHandleState
GlobalAddAtomA
IsProcessorFeaturePresent
SetHandleInformation
ReadConsoleA
GlobalMemoryStatus
GetCommState
GetModuleHandleExA
HeapFree
GetConsoleFontSize
CreateJobSet
DisableThreadLibraryCalls
SetFileApisToANSI
GetNumberOfConsoleMouseButtons
WriteConsoleInputW
GlobalSize
AddAtomA
GetCommProperties
FindActCtxSectionGuid
AddAtomW
CreateWaitableTimerW
CompareStringW
GetConsoleProcessList
GlobalUnWire
ExpandEnvironmentStringsA
LocalSize
SetFileTime
ReadConsoleOutputAttribute
GlobalGetAtomNameW
DosDateTimeToFileTime
VirtualAllocEx
GlobalUnlock
CompareFileTime
WritePrivateProfileStringA
ContinueDebugEvent
GetCurrentDirectoryA
BackupRead
SetThreadAffinityMask
GetStringTypeA
WritePrivateProfileStringW
EnumSystemCodePagesW
lstrcpynW
RaiseException
ReleaseSemaphore
FindResourceW
GetQueuedCompletionStatus
SetSystemPowerState
WriteFileEx
EnumSystemCodePagesA
lstrcpynA
CreateConsoleScreenBuffer
SetWaitableTimer
SetThreadExecutionState
CreateProcessA
SetTimerQueueTimer
CreateProcessW
SetMailslotInfo
GetDefaultCommConfigA
GetVolumePathNameW
CreateFiberEx
CreateJobObjectA
VerifyVersionInfoA
FileTimeToSystemTime
DeactivateActCtx
CreateJobObjectW
GetVolumePathNameA
GetDiskFreeSpaceA
CommConfigDialogW
MapViewOfFileEx
CommConfigDialogA
EnumDateFormatsW
SetConsoleCursorInfo
ReleaseActCtx
LocalFree
FormatMessageW
GetLogicalDriveStringsA
InterlockedPushEntrySList
LoadResource
FindFirstVolumeMountPointW
OpenThread
CopyFileW
GetNamedPipeInfo
SetConsoleTitleW
GetNumberOfConsoleInputEvents
GetModuleFileNameA
SetConsoleOutputCP
WriteConsoleOutputAttribute
CancelDeviceWakeupRequest
GetCalendarInfoA
FlushInstructionCache
CreateMutexA
RegisterWaitForSingleObject
MoveFileExW
LocalFlags
SetUnhandledExceptionFilter
GetConsoleDisplayMode
CreateMutexW
MulDiv
SetThreadIdealProcessor
SearchPathW
ReadConsoleOutputW
GlobalAlloc
SearchPathA
lstrcatW
BackupSeek
GetVersion
CallNamedPipeW
AreFileApisANSI
InitializeCriticalSectionAndSpinCount
lstrcmpiA
FindVolumeClose
CreateMailslotW
GetTickCount
CallNamedPipeA
lstrcmpiW
GetDateFormatA
GetWindowsDirectoryW
GetDateFormatW
BackupWrite
GetUserDefaultLCID
VirtualProtectEx
GetTempFileNameW
GetTimeFormatW
GlobalWire
GetFileSizeEx
CreateTimerQueueTimer
SetCommTimeouts
CreateFileA
PrepareTape
GetComputerNameExA
GetSystemWindowsDirectoryA
LocalReAlloc
Heap32ListFirst
FindFirstChangeNotificationA
lstrlenA
GlobalFree
GetSystemWindowsDirectoryW
GetEnvironmentStringsW
IsDBCSLeadByte
GetUserGeoID
WinExec
FindFirstChangeNotificationW
CancelWaitableTimer
GetCurrentProcessId
LockResource
GetConsoleTitleW
GetCPInfoExA
SetFilePointer
ReadFile
PeekConsoleInputA
IsBadStringPtrW
UnmapViewOfFile
LocalHandle
IsBadStringPtrA
EnumUILanguagesA
GetTempFileNameA
GetPrivateProfileStructA
GetFileAttributesA
DeleteFiber
PurgeComm
DebugBreak
ActivateActCtx
CreatePipe
LocalAlloc
lstrcatA
GetConsoleCursorInfo
RequestWakeupLatency
GetFileInformationByHandle
GetTapePosition
EnumCalendarInfoExW
WriteConsoleOutputA
GetDiskFreeSpaceW
GetThreadTimes
GlobalMemoryStatusEx
HeapReAlloc
GetStringTypeW
GetProfileIntW
IsWow64Process
ConnectNamedPipe
GetEnvironmentVariableA
GetStringTypeExW
FindClose
BeginUpdateResourceA
SetLastError
VerSetConditionMask
EnumSystemLocalesA
SetThreadPriority
WritePrivateProfileSectionW
FoldStringW
SetProcessAffinityMask
InterlockedExchangeAdd
SetCalendarInfoA
CreateThread
GetSystemTimes
GetDiskFreeSpaceExA
ConvertThreadToFiber
VirtualQuery
DebugActiveProcess
GetConsoleMode
GetCurrentThreadId
AddRefActCtx
WriteConsoleW
GetNativeSystemInfo
EndUpdateResourceW
GetVersionExW
EndUpdateResourceA
Process32Next
GetProcessIoCounters
DecodePointer
SetupComm
GetStartupInfoW
SetVolumeMountPointW
GetProcAddress
GetNamedPipeHandleStateW
EnumDateFormatsExA
lstrcmpA
FindNextFileW
FindFirstFileW
lstrcmpW
EscapeCommFunction
CreateEventW
RemoveVectoredExceptionHandler
AttachConsole
LCMapStringA
GetThreadLocale
LockFile
HeapCompact
EnumTimeFormatsW
FileTimeToLocalFileTime
SizeofResource
CopyFileExA
GetCompressedFileSizeW
ClearCommBreak
EnumTimeFormatsA
GetCommandLineA
SetFirmwareEnvironmentVariableW
MapViewOfFile
VirtualUnlock
GlobalFlags
SetFirmwareEnvironmentVariableA
OpenMutexW
GetModuleHandleW
GetFileAttributesExW
PostQueuedCompletionStatus
SetComputerNameExW
GetOverlappedResult
ScrollConsoleScreenBufferA
ReplaceFileW
SetThreadPriorityBoost
SetDefaultCommConfigW
WritePrivateProfileStructW
Heap32Next
SetErrorMode
GetVolumePathNamesForVolumeNameA
HeapWalk
WideCharToMultiByte
WaitForDebugEvent
SetComputerNameW
SetTapeParameters
InterlockedExchange
GetSystemTimeAsFileTime
Thread32First
SetComputerNameA
QueryDosDeviceA
GetThreadPriority
FreeLibraryAndExitThread
InitializeCriticalSection
SetLocaleInfoA
QueueUserWorkItem
VerLanguageNameA
TlsAlloc
CopyFileA
VerLanguageNameW
SetConsoleScreenBufferSize
HeapSetInformation
EnumCalendarInfoA
SetFileShortNameW
GetPrivateProfileStringA
Heap32First
WriteProfileStringA
GetVolumeInformationW
WriteProfileStringW
GetPrivateProfileStringW
GetFirmwareEnvironmentVariableW
CreateDirectoryExW
InterlockedFlushSList
CreateDirectoryExA
ConvertDefaultLocale
GetProcessPriorityBoost
EnumSystemLanguageGroupsW
ClearCommError
WaitForMultipleObjectsEx
TerminateProcess
LocalCompact
GetSystemWow64DirectoryW
SetCommBreak
TerminateThread
FreeLibrary
QueryPerformanceCounter
GetCommMask
VirtualProtect
LoadLibraryA
ReadProcessMemory
FillConsoleOutputAttribute
GetProcessHeap
QueryDepthSList
GetProfileStringW
SetCriticalSectionSpinCount
GetBinaryTypeW
GetProfileStringA
CreateFileMappingA
DuplicateHandle
GetBinaryTypeA
SetVolumeLabelW
GetTimeZoneInformation
FindFirstVolumeA
GetConsoleWindow
IsDebuggerPresent
GetPrivateProfileSectionA
BuildCommDCBA
GetLastError
GetShortPathNameW
SetConsoleMode
CreateNamedPipeW
GetConsoleCP
GetTapeStatus
CreateNamedPipeA
CreateIoCompletionPort
TransactNamedPipe
SuspendThread
ExpandEnvironmentStringsW
Heap32ListNext
QueryPerformanceFrequency
FindFirstFileA
FreeResource
GetSystemTimeAdjustment
SetCommConfig
DnsHostnameToComputerNameW
ResetWriteWatch
OpenEventW
WriteConsoleOutputCharacterA
GetLongPathNameA
Sleep
VirtualAlloc
DnsHostnameToComputerNameA
MprInfoBlockRemove
MprConfigInterfaceSetInfo
MprAdminMIBEntryGet
MprConfigTransportCreate
MprAdminMIBEntryCreate
MprAdminServerConnect
MprAdminConnectionGetInfo
MprAdminInterfaceUpdatePhonebookInfo
MprAdminMIBEntrySet
MprAdminConnectionClearStats
MprAdminServerGetInfo
MprConfigInterfaceCreate
VarR4CmpR8
VarI4FromR4
VarUI2FromStr
LPSAFEARRAY_UserMarshal
SafeArraySetRecordInfo
VarUI2FromI4
BSTR_UserFree
VarCyFromI1
VarR8FromBool
VarR4FromCy
VarCyRound
VarBoolFromI1
VarCyFromUI2
VarBstrFromR8
SHGetFileInfoA
Ord(180)
SHInvokePrinterCommandW
ExtractIconExA
DragQueryFileW
DragAcceptFiles
SHIsFileAvailableOffline
ExtractIconW
SHQueryRecycleBinW
DragQueryPoint
Ord(179)
DuplicateIcon
DragQueryFileA
ExtractIconA
Shell_NotifyIconA
OpenInputDesktop
LoadMenuA
ScreenToClient
SetPropW
wvsprintfW
IsCharAlphaW
IsWindow
EnableWindow
MoveWindow
SetDlgItemTextW
SendMessageW
GetLastActivePopup
LoadStringW
GetKeyboardLayoutList
MessageBoxW
EnumDisplayDevicesW
InvalidateRect
AnimateWindow
DrawFocusRect
FillRect
LoadCursorW
TabbedTextOutW
SetCursor
rename
strncmp
wcsftime
fseek
sscanf
setlocale
fgetc
wcstoul
memset
fclose
strcat
wcstok
wcstol
vfwprintf
remove
fgets
fflush
strlen
iswgraph
getchar
wcstombs
clearerr
isleadbyte
fwscanf
feof
scanf
fgetpos
system
isxdigit
wcslen
fputs
isalpha
wcsncat
sprintf
asctime
iswalpha
mbstowcs
wctomb
fputwc
strxfrm
iswctype
vwprintf
memcmp
free
iswascii
wcscspn
atoi
vfprintf
atol
calloc
memcpy
towupper
mbtowc
wcsspn
towlower
localeconv
fgetwc
isspace
malloc
wcsxfrm
iswprint
abort
strspn
setvbuf
ungetc
fprintf
isupper
strcmp
fgetws
CoCreateInstance
PdhGetRawCounterValue
PdhCloseQuery
PdhGetDataSourceTimeRangeA
PdhGetCounterInfoW
PdhAddCounterA
PdhEnumObjectsA
PdhMakeCounterPathW
PdhCalculateCounterFromRawValue
PdhGetCounterInfoA
PdhGetCounterTimeBase
PdhUpdateLogA
PdhSetCounterScaleFactor
PdhCollectQueryDataEx
PdhLookupPerfNameByIndexW
PdhExpandWildCardPathW
PdhParseCounterPathW
PdhCollectQueryData
RevokeFormatEnumerator
CoInternetGetSecurityUrl
GetComponentIDFromCLSSPEC
GetClassFileOrMime
HlinkGoBack
CoInternetCompareUrl
CreateURLMoniker
SetSoftwareUpdateAdvertisementState
FindMediaTypeClass
RegisterFormatEnumerator
CoInternetCombineUrl
CompareSecurityIds
URLDownloadToFileW
PE exports
Number of PE resources by type
RT_STRING 9
RT_DIALOG 4
RT_ICON 2
JPG 2
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
RUSSIAN 20
PE resources
Debug information
ExifTool file metadata
SubsystemVersion 4.0
LinkerVersion 8.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 5.1.2600.5512
UninitializedDataSize 0
LanguageCode Russian
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 361472
EntryPoint 0x8410
OriginalFileName Text3D
MIMEType application/octet-stream
LegalCopyright . .
FileVersion 5.1.2600.5512 (xpsp.080413-2105)
TimeStamp 2015:04:22 11:19:10+01:00
FileType Win32 DLL
PEType PE32
InternalName Text3D
ProductVersion 5.1.2600.5512
FileDescription " " (Direct3D)
OSVersion 4.0
FileOS Windows NT 32-bit
Subsystem Windows command line
MachineType Intel 386 or later, and compatibles
CodeSize 54272
ProductName Microsoft Windows
ProductVersionNumber 5.1.2600.5512
FileTypeExtension dll
ObjectFileType Executable application
File identification
MD5 57b54e248588af284871c2076f05651c
SHA1 7bb7ac730cf87d0651b9a401ce309118c52187c9
SHA256 8170c29309c2c0a691dddf649973e0c40aff93ad64018864e8911803c28ea35d
ssdeep 6144:e+TBJmjZh+psy67sD5u4W7UZtRbmLwfTUtfk7DPx74uRiUW5DjU8y:pbmjZEpjbw4W7CtRbmLwfwtMZhiUkXB
authentihash 4c0faa1116ae3266c884988b2f1d055394c50cedca4dea0aa2ad37d02d67a847
imphash 59ec061c34674e549ff0d40d968cd869
File size 371.0 KB ( 379904 bytes )
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (console) Intel 80386 32-bit
TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.5%)
Tags pedll
VirusTotal metadata
First submission 2015-04-22 14:09:30 UTC ( 2 years, 7 months ago )
Last submission 2015-04-23 09:49:21 UTC ( 2 years, 7 months ago )
File names 7.dll
Text3D
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight