SHA256: 818544fbd7ffec57741697bdeb1486b542cb6ba64c8a1e2061ad0f330c2ee8cf
File name: bc303564876fb407642032cf93a93058
Detection ratio: 20 / 64
Analysis date: 2018-03-21 12:10:25 UTC ( 8 months, 3 weeks ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Mikey.80188 20180321
AhnLab-V3 Malware/Win64.Generic.C2434601 20180321
ALYac Gen:Variant.Mikey.80188 20180321
Arcabit Trojan.Mikey.D1393C 20180321
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9937 20180321
BitDefender Gen:Variant.Mikey.80188 20180321
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20170201
Cylance Unsafe 20180321
eGambit Unsafe.AI_Score_65% 20180321
Emsisoft Gen:Variant.Mikey.80188 (B) 20180321
Endgame malicious (high confidence) 20180316
ESET-NOD32 a variant of Win64/Kryptik.BJD 20180321
Fortinet W64/Kryptik.BIS!tr 20180321
GData Gen:Variant.Mikey.80188 20180321
Sophos ML heuristic 20180121
Kaspersky HEUR:Trojan.Win32.Generic 20180321
MAX malware (ai score=81) 20180321
eScan Gen:Variant.Mikey.80188 20180321
Rising Trojan.Win64/Kryptik!1.AE02 (CLASSIC) 20180321
ZoneAlarm by Check Point HEUR:Trojan.Win32.Generic 20180321
AegisLab 20180321
Alibaba 20180321
Antiy-AVL 20180321
Avast 20180321
Avast-Mobile 20180321
AVG 20180321
Avira (no cloud) 20180321
AVware 20180321
Bkav 20180321
CAT-QuickHeal 20180321
ClamAV 20180321
CMC 20180321
Comodo 20180321
Cybereason 20180225
Cyren 20180321
DrWeb 20180321
F-Prot 20180321
F-Secure 20180321
Ikarus 20180321
Jiangmin 20180321
K7AntiVirus 20180321
K7GW 20180321
Kingsoft 20180321
Malwarebytes 20180321
McAfee 20180321
McAfee-GW-Edition 20180321
Microsoft 20180321
NANO-Antivirus 20180321
nProtect 20180321
Palo Alto Networks (Known Signatures) 20180321
Panda 20180320
Qihoo-360 20180321
SentinelOne (Static ML) 20180225
Sophos AV 20180321
SUPERAntiSpyware 20180321
Symantec 20180321
Symantec Mobile Insight 20180311
Tencent 20180321
TheHacker 20180319
TotalDefense 20180321
Trustlook 20180321
VBA32 20180321
VIPRE 20180321
ViRobot 20180321
WhiteArmor 20180223
Yandex 20180321
Zillya 20180321
Zoner 20180321
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem that targets 64bit architectures.
FileVersionInfo properties
Copyright © Microsoft Corporation. All rights reserv
Product Microsoft®
Original name wshbth.dll
Internal name wshbt
File version 6.1.7601.17514 (win7sp1_rtm.101119-1850)
Description IE plugin image decoder support DLL
PE header basic information
Target machine x64
Compilation timestamp 2018-03-11 07:22:01
Entry Point 0x00001640
Number of sections 8
PE sections
PE imports
GetOldestEventLogRecord
RegOpenUserClassesRoot
SetTextCharacterExtra
GetBinaryTypeW
GetModuleFileNameW
ExitProcess
GetCurrentThreadId
GetSystemPowerStatus
GetModuleHandleW
EndDeferWindowPos
KillTimer
waveInAddBuffer
HWND_UserSize
GetHGlobalFromILockBytes
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
ExifTool file metadata
SubsystemVersion 5.0
LinkerVersion 17.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 11.0.9600.17416
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 614400
EntryPoint 0x1640
OriginalFileName wshbth.dll
MIMEType application/octet-stream
LegalCopyright Microsoft Corporation. All rights reserv
FileVersion 6.1.7601.17514 (win7sp1_rtm.101119-1850)
TimeStamp 2018:03:11 08:22:01+01:00
FileType Win64 DLL
PEType PE32+
InternalName wshbt
ProductVersion 6.1.7601.17514
FileDescription IE plugin image decoder support DLL
OSVersion 5.0
FileOS Windows NT 32-bit
Subsystem Windows GUI
MachineType AMD AMD64
CompanyName Microsoft Corporation
CodeSize 16384
ProductName Microsoft
ProductVersionNumber 11.0.9600.17416
FileTypeExtension dll
ObjectFileType Dynamic link library

File identification
MD5 bc303564876fb407642032cf93a93058
SHA1 c25e130dfa3ea4e5ff63965a7274e0bafa980d8b
SHA256 818544fbd7ffec57741697bdeb1486b542cb6ba64c8a1e2061ad0f330c2ee8cf
ssdeep 12288:zu17fYzZkxRoBG01ZWczj0gojcvUyH8whT4vCLH:zgfKCWG0FHaj5yc/vCr
authentihash 8c81ca45cf1bec9ee5b19f3672d79eff4e3a91e68fd985e6a6b3350659dccc94
imphash 76dbf7fb27ba25ff5c3e0e5c0ad47183
File size 616.0 KB ( 630784 bytes )
File type Win32 DLL
Magic literal PE32+ executable for MS Windows (DLL) (GUI) Mono/.Net assembly
TrID Win64 Executable (generic) (82.0%)
OS/2 Executable (generic) (6.0%)
Generic Win/DOS Executable (5.9%)
DOS Executable Generic (5.9%)
Tags 64bits assembly pedll

VirusTotal metadata
First submission 2018-03-21 12:10:25 UTC ( 8 months, 3 weeks ago )
Last submission 2018-05-25 19:18:23 UTC ( 6 months, 2 weeks ago )
File names bc303564876fb407642032cf93a93058
wshbth.dll
wshbt
bc303564876fb407642032cf93a93058.dat