SHA256: 87369c2311599b5fa4e29cae292c089f254d7260817ad5ce140c9aa4a399ef14
File name: 38.dll
Detection ratio: 7 / 57
Analysis date: 2015-06-10 13:10:46 UTC ( 3 years, 11 months ago )
Antivirus Result Update
AVware LooksLike.Win32.Dridex.b (v) 20150610
Bkav HW32.Packed.7885 20150610
F-Secure Trojan:W32/Dridex.G 20150610
Kaspersky UDS:DangerousObject.Multi.Generic 20150610
Qihoo-360 HEUR/QVM40.1.Malware.Gen 20150610
Tencent Trojan.Win32.Qudamah.Gen.23 20150610
VIPRE LooksLike.Win32.Dridex.b (v) 20150610
Ad-Aware 20150610
AegisLab 20150610
Yandex 20150609
AhnLab-V3 20150610
Alibaba 20150610
ALYac 20150610
Antiy-AVL 20150610
Arcabit 20150610
Avast 20150610
AVG 20150610
Avira (no cloud) 20150610
Baidu-International 20150610
BitDefender 20150610
ByteHero 20150610
CAT-QuickHeal 20150610
ClamAV 20150610
CMC 20150610
Comodo 20150610
Cyren 20150610
DrWeb 20150610
Emsisoft 20150610
ESET-NOD32 20150610
F-Prot 20150610
Fortinet 20150610
GData 20150610
Ikarus 20150610
Jiangmin 20150609
K7AntiVirus 20150610
K7GW 20150610
Kingsoft 20150610
Malwarebytes 20150610
McAfee 20150610
McAfee-GW-Edition 20150609
Microsoft 20150610
eScan 20150610
NANO-Antivirus 20150610
nProtect 20150610
Panda 20150610
Rising 20150610
Sophos AV 20150610
SUPERAntiSpyware 20150610
Symantec 20150610
TheHacker 20150609
TotalDefense 20150610
TrendMicro 20150610
TrendMicro-HouseCall 20150610
VBA32 20150609
ViRobot 20150610
Zillya 20150610
Zoner 20150609
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows command line subsystem.
FileVersionInfo properties
Copyright Copyright © 2000 - 2001 S3/Diamond Multimedia
Publisher Microsoft corp.
Product Diamond Rio800
Original name spRio800.dll
File version 1.1.2.1
Description MDM Device Interface for Rio 800 device.
Comments Media Device Manager for Rio 800 device
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-06-10 07:11:29
Entry Point 0x000063A0
Number of sections 4
PE sections
PE imports
BuildCommDCBA
GetLastError
GetMailslotInfo
SetCriticalSectionSpinCount
GetProcessHandleCount
OpenMutexW
LocalAlloc
ConvertFiberToThread
GlobalAlloc
CreateProcessW
QueueUserAPC
InterlockedDecrement
RequestWakeupLatency
GetConsoleTitleA
LocalShrink
GetProcAddress
InterlockedCompareExchange
GetModuleHandleW
GetErrorInfo
ExtractAssociatedIconExW
malloc
memset
memcpy
atol
Number of PE resources by type
RT_STRING 8
RT_VERSION 1
Number of PE resources by language
ENGLISH US 9
PE resources
ExifTool file metadata
UninitializedDataSize 4096
Comments Media Device Manager for Rio 800 device
LinkerVersion 9.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 1.1.2.1
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 28672
EntryPoint 0x63a0
OriginalFileName spRio800.dll
MIMEType application/octet-stream
LegalCopyright Copyright 2000 - 2001 S3/Diamond Multimedia
FileVersion 1.1.2.1
TimeStamp 2015:06:10 08:11:29+01:00
FileType Win32 DLL
PEType PE32
SubsystemVersion 4.0
ProductVersion 1.1.2.1
FileDescription MDM Device Interface for Rio 800 device.
OSVersion 4.0
FileOS Windows 32-bit
Subsystem Windows command line
MachineType Intel 386 or later, and compatibles
CompanyName Microsoft corp.
CodeSize 290816
ProductName Diamond Rio800
ProductVersionNumber 1.1.2.1
FileTypeExtension dll
ObjectFileType Executable application

File identification
MD5 10e4291882e2d45a1a7a52e7d93a5579
SHA1 178edead628caceaba06b5e3d18604f84ae128c0
SHA256 87369c2311599b5fa4e29cae292c089f254d7260817ad5ce140c9aa4a399ef14
ssdeep 6144:3RmEtk5tvCBgITrqYpXc36l/ZHRVGJpps9grnYjc4ItKcVuefHe3+8E3JZZNY/:Bm8UvCNvqur/ZH3upeuAc4I1bVJp
authentihash 81ca46f58c9d28801125ee698186f0f63546fa065be83b765aa4a68d7de9b672
imphash aef885e6352c16ab1f9f8cbf65a9526b
File size 304.0 KB ( 311296 bytes )
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (console) Intel 80386 32-bit
TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.4%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags pedll

VirusTotal metadata
First submission 2015-06-10 08:40:08 UTC ( 3 years, 11 months ago )
Last submission 2015-06-24 23:45:54 UTC ( 3 years, 10 months ago )
File names spRio800.dll, 38.dll
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight