× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 870489803062a235e79597a65bd86fb5b007d589da43c807b7ce0d7ac844cb25
File name: splashscreen
Detection ratio: 0 / 66
Analysis date: 2018-05-27 12:23:30 UTC ( 7 months, 4 weeks ago )
Antivirus Result Update
Ad-Aware 20180527
AegisLab 20180527
AhnLab-V3 20180526
Alibaba 20180525
ALYac 20180527
Antiy-AVL 20180527
Arcabit 20180527
Avast 20180527
Avast-Mobile 20180527
AVG 20180527
Avira (no cloud) 20180526
AVware 20180527
Babable 20180406
Baidu 20180526
BitDefender 20180527
Bkav 20180525
CAT-QuickHeal 20180527
ClamAV 20180527
CMC 20180526
Comodo 20180526
CrowdStrike Falcon (ML) 20180202
Cybereason None
Cylance 20180527
Cyren 20180527
DrWeb 20180527
eGambit 20180527
Emsisoft 20180527
Endgame 20180507
ESET-NOD32 20180527
F-Prot 20180527
F-Secure 20180527
Fortinet 20180527
GData 20180527
Ikarus 20180527
Sophos ML 20180503
Jiangmin 20180526
K7AntiVirus 20180527
K7GW 20180527
Kaspersky 20180527
Kingsoft 20180527
Malwarebytes 20180527
MAX 20180527
McAfee 20180527
McAfee-GW-Edition 20180527
Microsoft 20180527
eScan 20180527
NANO-Antivirus 20180527
nProtect 20180527
Palo Alto Networks (Known Signatures) 20180527
Panda 20180526
Qihoo-360 20180527
Rising 20180525
SentinelOne (Static ML) 20180225
Sophos AV 20180527
SUPERAntiSpyware 20180526
Symantec 20180526
Symantec Mobile Insight 20180525
Tencent 20180527
TheHacker 20180524
TotalDefense 20180527
TrendMicro 20180527
TrendMicro-HouseCall 20180527
Trustlook 20180527
VBA32 20180525
VIPRE 20180527
ViRobot 20180526
Webroot 20180527
Yandex 20180524
Zillya 20180525
ZoneAlarm by Check Point 20180527
Zoner 20180527
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
Copyright © 2012

Product Java(TM) Platform SE 7 U10
Original name splashscreen.dll
Internal name splashscreen
File version 7.0.100.18
Description Java(TM) Platform SE binary
Signature verification Signed file, verified signature
Signing date 7:43 PM 11/28/2012
Signers
[+] Oracle America, Inc.
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer VeriSign Class 3 Code Signing 2009-2 CA
Valid from 1:00 AM 7/7/2010
Valid to 12:59 AM 7/7/2013
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint 9E2B73433C7FF0BE9C2E546C46A3D16A6CDACF32
Serial number 5E F1 DC 1E FB 1E 46 B5 DE 80 ED E1 76 2A 55 A7
[+] VeriSign Class 3 Code Signing 2009-2 CA
Status Valid
Issuer Class 3 Public Primary Certification Authority
Valid from 1:00 AM 5/21/2009
Valid to 12:59 AM 5/21/2019
Valid usage Client Auth, Code Signing
Algorithm sha1RSA
Thumbprint 12D4872BC3EF019E7E0B6F132480AE29DB5B1CA3
Serial number 65 52 26 E1 B2 2E 18 E1 59 0F 29 85 AC 22 E7 5C
[+] VeriSign Class 3 Public Primary CA
Status Valid
Issuer Class 3 Public Primary Certification Authority
Valid from 1:00 AM 1/29/1996
Valid to 12:59 AM 8/2/2028
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm md2RSA
Thumbprint 742C3192E607E424EB4549542BE1BBC53E6174E2
Serial number 70 BA E4 1D 10 D9 29 34 B6 38 CA 7B 03 CC BA BF
Counter signers
[+] Symantec Time Stamping Services Signer - G3
Status This certificate or one of the certificates in the certificate chain is not time valid., The revocation status of the certificate or one of the certificates in the certificate chain is unknown., Error 65536 (0x10000), The revocation status of the certificate or one of the certificates in the certificate chain is either offline or stale.
Issuer VeriSign Time Stamping Services CA
Valid from 1:00 AM 5/1/2012
Valid to 12:59 AM 1/1/2013
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 8FD99D63FB3AFBD534A4F6E31DACD27F59504021
Serial number 79 A2 A5 85 F9 D1 15 42 13 D9 B8 3E F6 B6 8D ED
[+] VeriSign Time Stamping Services CA
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer Thawte Timestamping CA
Valid from 1:00 AM 12/4/2003
Valid to 12:59 AM 12/4/2013
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint F46AC0C6EFBB8C6A14F55F09E2D37DF4C0DE012D
Serial number 47 BF 19 95 DF 8D 52 46 43 F7 DB 6D 48 0D 31 A4
[+] Thawte Timestamping CA
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 1/1/1997
Valid to 12:59 AM 1/1/2021
Valid usage Timestamp Signing
Algorithm md5RSA
Thumbrint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-11-28 18:13:56
Entry Point 0x00022AF9
Number of sections 5
PE sections
Overlays
MD5 a6b135eb64729e8b6997a0058f45dbe2
File type data
Offset 189952
Size 5560
Entropy 7.22
PE imports
GetDeviceCaps
CreateRectRgn
DeleteDC
SelectObject
CreatePalette
SelectPalette
ExtCreateRegion
CombineRgn
CreateDIBSection
CreateCompatibleDC
DeleteObject
RealizePalette
StretchDIBits
GetLastError
GetSystemTimeAsFileTime
EnterCriticalSection
lstrlenA
FreeLibrary
QueryPerformanceCounter
IsDebuggerPresent
ExitProcess
DisableThreadLibraryCalls
LoadLibraryA
GetCurrentProcess
GetCurrentProcessId
UnhandledExceptionFilter
MultiByteToWideChar
GetProcAddress
InterlockedCompareExchange
EncodePointer
RaiseException
CreateThread
GetModuleHandleA
InterlockedExchange
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
DecodePointer
TerminateProcess
InitializeCriticalSection
Sleep
GetTickCount
GetCurrentThreadId
LocalAlloc
LeaveCriticalSection
strncmp
_malloc_crt
malloc
sscanf
fgetc
realloc
fread
fclose
__dllonexit
fprintf
_setjmp3
fopen
strlen
__clean_type_info_names_internal
_amsg_exit
floor
_lock
_onexit
frexp
abs
pow
_initterm_e
memset
longjmp
_unlock
_crt_debugger_hook
memcmp
free
getenv
_except_handler4_common
calloc
atof
memcpy
__iob_func
_encoded_null
modf
__CppXcptFilter
ungetc
_initterm
PE exports
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
NEUTRAL 1
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

FileDescription
Java(TM) Platform SE binary

LinkerVersion
10.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
7.0.100.18

LanguageCode
Neutral

FileFlagsMask
0x003f

FullVersion
1.7.0_10-b18

CharacterSet
Unicode

InitializedDataSize
61440

EntryPoint
0x22af9

OriginalFileName
splashscreen.dll

MIMEType
application/octet-stream

LegalCopyright
Copyright 2012

FileVersion
7.0.100.18

TimeStamp
2012:11:28 19:13:56+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
splashscreen

ProductVersion
7.0.100.18

SubsystemVersion
5.1

OSVersion
5.1

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Oracle Corporation

CodeSize
139776

ProductName
Java(TM) Platform SE 7 U10

ProductVersionNumber
7.0.100.18

FileTypeExtension
dll

ObjectFileType
Dynamic link library

CarbonBlack CarbonBlack acts as a surveillance camera for computers
Compressed bundles
File identification
MD5 9bc3153a32b6aad4bf13f7c5387f5339
SHA1 45ddd3b90e0b510ed9e2adba3c3235d8847434f7
SHA256 870489803062a235e79597a65bd86fb5b007d589da43c807b7ce0d7ac844cb25
ssdeep
3072:msEwu0xNs0y3uWzNvdZFapnpV46q9wWGqW5JdlNGisnMmeV04ly9TBfU3N2G:JTE3uWzNvdj4npqB9b+Vnly9TBM3IG

authentihash 0811a99b0a7e4d905bf84f9862644715323c22420335807c74fcaf4874086791
imphash 1658b1208108c4c8b94da22554695538
File size 190.9 KB ( 195512 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags
pedll signed overlay

VirusTotal metadata
First submission 2013-06-03 14:47:40 UTC ( 5 years, 7 months ago )
Last submission 2018-05-27 12:23:30 UTC ( 7 months, 4 weeks ago )
File names splashscreen.dll
sbs_ve_ambr_20160002041628.222_ 108
splashscreen.dll
sbs_ve_ambr_20160218042517.708_ 108
splashscreen.dll
splashscreen.dll
9bc3153a32b6aad4bf13f7c5387f5339
splashscreen.dll
splashscreen.dll
splashscreen.dll
splashscreen.dll
splashscreen.dll
splashscreen
splashscreen.dll
splashscreen.dll
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!