SHA256: 8b487d2bcad486c18674205965fb8a96541c476723ca5d0aeb1f7bca573ba3af
File name: vt-upload-e0IdKM
Detection ratio: 0 / 51
Analysis date: 2014-03-27 09:01:51 UTC ( 5 years ago )
Antivirus Result Update
Ad-Aware 20140327
AegisLab 20140327
Yandex 20140326
AhnLab-V3 20140327
AntiVir 20140327
Antiy-AVL 20140327
Avast 20140327
AVG 20140327
Baidu-International 20140327
BitDefender 20140327
Bkav 20140327
ByteHero 20140327
CAT-QuickHeal 20140327
ClamAV 20140327
CMC 20140326
Commtouch 20140327
Comodo 20140327
DrWeb 20140327
Emsisoft 20140327
ESET-NOD32 20140327
F-Prot 20140327
F-Secure 20140327
Fortinet 20140327
GData 20140327
Ikarus 20140327
Jiangmin 20140327
K7AntiVirus 20140326
K7GW 20140326
Kaspersky 20140327
Kingsoft 20140327
Malwarebytes 20140327
McAfee 20140327
McAfee-GW-Edition 20140327
Microsoft 20140327
eScan 20140327
NANO-Antivirus 20140327
Norman 20140327
nProtect 20140326
Panda 20140326
Qihoo-360 20140327
Rising 20140327
Sophos AV 20140327
SUPERAntiSpyware 20140327
Symantec 20140327
TheHacker 20140327
TotalDefense 20140326
TrendMicro 20140327
TrendMicro-HouseCall 20140327
VBA32 20140326
VIPRE 20140326
ViRobot 20140327
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright © ?????????? ??????????. ??? ????? ????????.
Publisher ?????????? ??????????
Product ???????????? ??????? Microsoft® Windows®
Original name ntlanui2.dll
Internal name ntlanui2
File version 5.1.2600.0 (xpclient.010817-1148)
Description ????????? ???????????? ???????? ??????? ????????
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2001-10-19 20:04:45
Entry Point 0x00001E2E
Number of sections 4
PE sections
PE imports
LsaQueryInformationPolicy
LsaFreeMemory
RegCloseKey
LsaClose
RegOpenKeyExW
LsaOpenPolicy
Ord(17)
DestroyPropertySheetPage
CreatePropertySheetPageW
FormatMessageW
LoadLibraryW
InterlockedDecrement
DisableThreadLibraryCalls
GetProcAddress
InterlockedIncrement
NetServerGetInfo
NetApiBufferAllocate
NetWkstaGetInfo
NetApiBufferFree
SetWindowLongW
MessageBoxW
wsprintfW
WinHelpW
SetDlgItemTextW
LoadStringW
LoadCursorW
DestroyCursor
GetWindowLongW
RegisterClipboardFormatW
SetCursor
malloc
??2@YAPAXI@Z
wcschr
_adjust_fdiv
??3@YAXPAX@Z
free
_initterm
RtlInitUnicodeString
ReleaseStgMedium
PE exports
Number of PE resources by type
RT_ICON 25
RT_DIALOG 4
RT_GROUP_ICON 4
RT_STRING 3
RT_MESSAGETABLE 1
RT_VERSION 1
Number of PE resources by language
RUSSIAN 38
PE resources
ExifTool file metadata
UninitializedDataSize 0
LinkerVersion 7.0
ImageVersion 5.1
FileSubtype 0
FileVersionNumber 5.1.2600.0
LanguageCode Russian
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 90624
FileOS Windows NT 32-bit
MIMEType application/octet-stream
LegalCopyright . .
FileVersion 5.1.2600.0 (xpclient.010817-1148)
TimeStamp 2001:10:19 21:04:45+01:00
FileType Win32 DLL
PEType PE32
InternalName ntlanui2
FileAccessDate 2014:03:27 10:05:25+01:00
ProductVersion 5.1.2600.0
SubsystemVersion 4.0
OSVersion 5.1
FileCreateDate 2014:03:27 10:05:25+01:00
OriginalFilename ntlanui2.dll
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CodeSize 5120
ProductName Microsoft Windows
ProductVersionNumber 5.1.2600.0
EntryPoint 0x1e2e
ObjectFileType Executable application

File identification
MD5 01f9d5fe7a05634d4808ab91cc856f07
SHA1 d64a47f011187222e6a6a1c7a13883ff9ed8bf7b
SHA256 8b487d2bcad486c18674205965fb8a96541c476723ca5d0aeb1f7bca573ba3af
ssdeep 1536:2pUUjQKHUwvX5oFTTCa+3svzpzz+egAWO0k01frWqk+ffe:l8Z0wvyCVMZr6Wq1ffe
imphash 48e2606fd478ea31b5ebb81936cc06cb
File size 94.5 KB ( 96768 bytes )
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit
TrID DirectShow filter (93.0%)
Win32 Dynamic Link Library (generic) (3.0%)
Win32 Executable (generic) (2.0%)
Generic Win/DOS Executable (0.9%)
DOS Executable Generic (0.9%)
Tags
pedll

VirusTotal metadata
First submission 2014-03-27 09:01:51 UTC ( 5 years ago )
Last submission 2014-03-27 09:01:51 UTC ( 5 years ago )
File names vt-upload-e0IdKM
ntlanui2.dll
ntlanui2
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight