× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 8b2cbe8e5a581a91c931e09421cbbb1b95735de050f97d8e42746ae678548685
File name: smoke_core.dll
Detection ratio: 6 / 52
Analysis date: 2016-08-04 12:22:07 UTC ( 1 year, 9 months ago ) View latest
Antivirus Result Update
AhnLab-V3 Trojan/Win32.Dofoil.C254699 20160804
Avast Sf:Injector-AK [Trj] 20160804
Avira (no cloud) TR/Crypt.XPACK.Gen 20160804
DrWeb Trojan.DownLoader21.63824 20160804
ESET-NOD32 a variant of Win32/TrojanDownloader.Zurgop.BX 20160804
Qihoo-360 HEUR/QVM39.1.0000.Malware.Gen 20160804
Ad-Aware 20160804
AegisLab 20160804
Alibaba 20160804
ALYac 20160804
Antiy-AVL 20160804
Arcabit 20160804
AVG 20160804
AVware 20160804
Baidu 20160804
BitDefender 20160804
Bkav 20160804
CAT-QuickHeal 20160803
ClamAV 20160804
CMC 20160804
Comodo 20160804
Cyren 20160804
Emsisoft 20160804
F-Prot 20160804
Fortinet 20160804
GData 20160804
Ikarus 20160804
Jiangmin 20160804
K7AntiVirus 20160804
K7GW 20160804
Kaspersky 20160804
Kingsoft 20160804
Malwarebytes 20160804
McAfee 20160804
McAfee-GW-Edition 20160804
Microsoft 20160804
eScan 20160804
NANO-Antivirus 20160804
nProtect 20160804
Panda 20160803
Sophos AV 20160804
SUPERAntiSpyware 20160804
Symantec 20160804
Tencent 20160804
TheHacker 20160804
TrendMicro 20160804
TrendMicro-HouseCall 20160804
VBA32 20160804
VIPRE 20160804
ViRobot 20160803
Zillya 20160804
Zoner 20160804
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1992-06-19 22:22:17
Entry Point 0x00004510
Number of sections 7
PE sections
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
dll

TimeStamp
1992:06:19 23:22:17+01:00

FileType
Win32 DLL

PEType
PE32

CodeSize
13824

LinkerVersion
2.25

EntryPoint
0x4510

InitializedDataSize
6656

SubsystemVersion
4.0

ImageVersion
0.0

OSVersion
4.0

UninitializedDataSize
0

File identification
MD5 8932d2eacc4dfc7b2f0a94363a854610
SHA1 7f30b479ba5a341d959f2bfa023724d6c4076f6f
SHA256 8b2cbe8e5a581a91c931e09421cbbb1b95735de050f97d8e42746ae678548685
ssdeep
384:BcURTxLHJK801exBICU9EI0t/P84YsMlslD1Mxtb:BcUXLHJK801RCU9EI0t/kzsMlo1Mb

authentihash 3761c1e60513ec466055f4cdfd0ba2a3a84940c9025baf4ae4735f0fdadae18a
File size 21.0 KB ( 21504 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.3%)
Win32 Executable (generic) (26.2%)
Win16/32 Executable Delphi generic (12.0%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
pedll

VirusTotal metadata
First submission 2016-08-04 12:22:07 UTC ( 1 year, 9 months ago )
Last submission 2016-08-04 12:22:07 UTC ( 1 year, 9 months ago )
File names smoke_core.dll
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!