SHA256: 82d3956825775b2a3e546a54fa9e32e7d5fd6d94b6f37a1754f188464ae0313d
File name: libgdk_pixbuf-2.0-0
Detection ratio: 0 / 67
Analysis date: 2018-11-14 03:03:07 UTC ( 3 months, 1 week ago )
Antivirus Result Update
Ad-Aware 20181112
AegisLab 20181114
AhnLab-V3 20181114
Alibaba 20180921
ALYac 20181114
Antiy-AVL 20181114
Arcabit 20181114
Avast 20181114
Avast-Mobile 20181113
AVG 20181114
Avira (no cloud) 20181114
Babable 20180918
Baidu 20181112
BitDefender 20181114
Bkav 20181113
CAT-QuickHeal 20181113
ClamAV 20181114
CMC 20181113
CrowdStrike Falcon (ML) 20181022
Cybereason 20180225
Cylance 20181114
Cyren 20181114
DrWeb 20181114
eGambit 20181114
Emsisoft 20181114
Endgame 20181108
ESET-NOD32 20181113
F-Prot 20181114
F-Secure 20181114
Fortinet 20181114
GData 20181114
Ikarus 20181113
Sophos ML 20181108
Jiangmin 20181114
K7AntiVirus 20181113
K7GW 20181113
Kaspersky 20181113
Kingsoft 20181114
Malwarebytes 20181113
MAX 20181114
McAfee 20181113
McAfee-GW-Edition 20181113
Microsoft 20181114
eScan 20181114
NANO-Antivirus 20181114
Palo Alto Networks (Known Signatures) 20181114
Panda 20181113
Qihoo-360 20181114
Rising 20181114
SentinelOne (Static ML) 20181011
Sophos AV 20181113
SUPERAntiSpyware 20181114
Symantec 20181114
Symantec Mobile Insight 20181108
TACHYON 20181114
Tencent 20181114
TheHacker 20181113
TotalDefense 20181113
TrendMicro 20181114
TrendMicro-HouseCall 20181114
Trustlook 20181114
VBA32 20181113
VIPRE 20181114
ViRobot 20181113
Webroot 20181114
Yandex 20181113
Zillya 20181113
ZoneAlarm by Check Point 20181114
Zoner 20181114
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows command line subsystem.
FileVersionInfo properties
Copyright
Copyright (C) 1999 The Free Software Foundation. Modified by the GTK+ Team and others 1999-2005.

Product GTK+
Original name libgdk_pixbuf-2.0-0.dll
Internal name libgdk_pixbuf-2.0-0
File version 2.16.6.0
Description GIMP Toolkit
Packers identified
F-PROT UPX
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2011-06-14 03:24:29
Entry Point 0x00032070
Number of sections 3
PE sections
Overlays
MD5 ec2ee17380374b4cfa0d7eadc17519cf
File type ASCII text
Offset 73216
Size 14
Entropy 3.09
PE imports
VirtualProtect
VirtualFree
LoadLibraryA
VirtualAlloc
GetProcAddress
CreateStreamOnHGlobal
g_io_error_quark
g_module_error
PE exports
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
ExifTool file metadata
UninitializedDataSize: 135168
LinkerVersion: 2.56
ImageVersion: 1.0
FileSubtype: 0
FileVersionNumber: 2.16.6.0
LanguageCode: English (U.S.)
FileFlagsMask: 0x0000
FileDescription: GIMP Toolkit
ImageFileCharacteristics: Executable, No line numbers, No symbols, 32-bit, No debug, DLL
CharacterSet: Unicode
InitializedDataSize: 8192
EntryPoint: 0x32070
OriginalFileName: libgdk_pixbuf-2.0-0.dll
MIMEType: application/octet-stream
LegalCopyright: Copyright (C) 1999 The Free Software Foundation. Modified by the GTK+ Team and others 1999-2005.
FileVersion: 2.16.6.0
TimeStamp: 2011:06:14 04:24:29+01:00
FileType: Win32 DLL
PEType: PE32
InternalName: libgdk_pixbuf-2.0-0
ProductVersion: 2.16.6
SubsystemVersion: 4.0
OSVersion: 4.0
FileOS: Win32
Subsystem: Windows command line
MachineType: Intel 386 or later, and compatibles
CompanyName: The GTK developer community
CodeSize: 69632
ProductName: GTK+
ProductVersionNumber: 2.16.6.0
FileTypeExtension: dll
ObjectFileType: Dynamic link library

Execution parents
Compressed bundles
File identification
MD5 b76d717da3aba8cd851c7dbb3583a3df
SHA1 2d91b658508c64b9de2233e3174b38814f622024
SHA256 82d3956825775b2a3e546a54fa9e32e7d5fd6d94b6f37a1754f188464ae0313d
ssdeep 1536:Op4L0ppJ4RjCEAiPE8Axikfg//9pLSWdglHL4TGDTr:y4QnkjCviPE8Kimi/whZXr
authentihash 48dd043249219feee7a483bc7aa45734fe3dd660f01ae73342ac2d44c8ef3f1c
imphash 555e2916107165c1c1be112a355d5c9e
File size 71.5 KB ( 73230 bytes )
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (console) Intel 80386 32-bit
TrID UPX compressed Win32 Executable (38.2%)
Win32 EXE Yoda's Crypter (37.5%)
Win32 Dynamic Link Library (generic) (9.2%)
Win32 Executable (generic) (6.3%)
OS/2 Executable (generic) (2.8%)
Tags
pedll upx overlay

VirusTotal metadata
First submission 2011-06-15 19:53:24 UTC ( 7 years, 8 months ago )
Last submission 2018-05-17 04:28:06 UTC ( 9 months, 1 week ago )
File names smona131139552539169155339
libgdk_pixbuf_2.0_0.dll
smona132555480350775730288
smona131738789370746820906
smona131623031922449576594
libgdk_pixbuf-2.0-0.dll
libgdk_pixbuf-2.0-0
libgdk_pixbuf-2.0-0.dll.tmp
libgdk_pixbuf-2.0-0.dll
file-3259048_dll
smona132581986149196226928
b76d717da3aba8cd851c7dbb3583a3df
fwi3mwcqrrsltxrcgprroszyqfhweibe.dll
smona132521486427719942134
smona131473293512259096435
smona132268122735887671264
smona_82d3956825775b2a3e546a54fa9e32e7d5fd6d94b6f37a1754f188464ae0313d.bin
smona132762932649547280867
smona132778978793373752471
smona131427881462268391344
file-2743156_dll
14F1EE9D0E18D8FB1ECC01E4C7B7FE00938A511F.dll
smona132100384565511170815
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight