SHA256: 90dfe6498f856c99a4b9bada4165d8daefc9dcab5dcc1a51ff789b4b04bb6024
File name: vt-upload-UdhB15
Detection ratio: 1 / 49
Analysis date: 2013-12-13 09:38:37 UTC ( 4 years, 4 months ago )
Antivirus Result Update
Symantec WS.Reputation.1 20131213
Ad-Aware 20131211
Yandex 20131212
AhnLab-V3 20131212
AntiVir 20131213
Antiy-AVL 20131210
Avast 20131213
AVG 20131213
Baidu-International 20131213
BitDefender 20131211
Bkav 20131212
ByteHero 20130613
CAT-QuickHeal 20131209
ClamAV 20131213
CMC 20131213
Commtouch 20131213
Comodo 20131213
DrWeb 20131213
Emsisoft 20131213
ESET-NOD32 20131213
F-Prot 20131213
F-Secure 20131213
Fortinet 20131212
GData 20131213
Ikarus 20131213
Jiangmin 20131213
K7AntiVirus 20131212
K7GW 20131212
Kaspersky 20131213
Kingsoft 20130829
Malwarebytes 20131213
McAfee 20131213
McAfee-GW-Edition 20131213
Microsoft 20131213
eScan 20131213
NANO-Antivirus 20131213
Norman 20131213
nProtect 20131212
Panda 20131213
Rising 20131210
Sophos AV 20131213
SUPERAntiSpyware 20131213
TheHacker 20131212
TotalDefense 20131212
TrendMicro 20131213
TrendMicro-HouseCall 20131213
VBA32 20131213
VIPRE 20131213
ViRobot 20131213
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright © Microsoft Corporation. All rights reserved.
Publisher Microsoft Corporation
Product Microsoft® Windows® Operating System
Original name wpdshext.dll
Internal name wpdshext
File version 6.1.7601.17514 (win7sp1_rtm.101119-1850)
Description Portable Devices Shell Extension
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2010-11-20 12:09:07
Entry Point 0x000016D6
Number of sections 4
PE sections
PE imports
CryptDestroyKey
RegisterTraceGuidsW
CryptReleaseContext
RegCloseKey
GetTraceEnableLevel
RegEnumKeyW
CryptSignHashW
UnregisterTraceGuids
RegOpenKeyExW
GetTraceLoggerHandle
CryptAcquireContextW
CryptImportKey
GetTraceEnableFlags
CryptHashData
TraceEvent
TraceMessage
RegQueryValueExW
CryptDestroyHash
CryptCreateHash
GetDeviceCaps
DeleteDC
DeleteObject
GetStockObject
CreateDIBSection
CreateCompatibleDC
GetTextExtentPoint32W
GetTextExtentPointW
GetDriveTypeW
FileTimeToSystemTime
WaitForSingleObject
HeapDestroy
EnumUILanguagesW
GetFileAttributesW
SystemTimeToTzSpecificLocalTime
DeleteCriticalSection
GetCurrentProcess
LocalAlloc
GetFileInformationByHandle
GetLocaleInfoW
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
FreeLibrary
LocalFree
FormatMessageW
InitializeCriticalSection
LoadResource
InterlockedDecrement
SetFileAttributesW
OutputDebugStringA
SetLastError
GetUserDefaultUILanguage
GetSystemTime
GetModuleFileNameW
HeapAlloc
CompareStringOrdinal
GetVersionExA
lstrcmpiW
RaiseException
LoadLibraryExA
DelayLoadFailureHook
UnhandledExceptionFilter
SetFilePointerEx
CreateThread
GetSystemDirectoryW
SetUnhandledExceptionFilter
MulDiv
TzSpecificLocalTimeToSystemTime
TerminateProcess
GetVersion
GlobalAlloc
GetCurrentThreadId
InterlockedIncrement
GetNumberFormatW
CreateToolhelp32Snapshot
HeapFree
EnterCriticalSection
LoadLibraryW
SetEvent
QueryPerformanceCounter
GetTickCount
DisableThreadLibraryCalls
FlushFileBuffers
LoadLibraryA
GlobalSize
DosDateTimeToFileTime
OpenProcess
GetDateFormatW
CreateDirectoryW
DeleteFileW
GetProcAddress
GetProcessHeap
GetTimeFormatW
GlobalReAlloc
ExpandEnvironmentStringsW
ResetEvent
lstrcmpW
WaitForMultipleObjects
GlobalLock
GetTempPathW
CreateEventW
CreateFileW
LeaveCriticalSection
GetLastError
SystemTimeToFileTime
GlobalFree
FindResourceW
GetProcessTimes
GlobalUnlock
lstrlenW
Process32NextW
FileTimeToLocalFileTime
SizeofResource
CompareFileTime
GetCurrentProcessId
LockResource
HeapSize
InterlockedCompareExchange
Process32FirstW
QueryPerformanceFrequency
GetModuleHandleA
ReadFile
CloseHandle
GetModuleHandleW
FindResourceExW
Sleep
Ord(156)
AssocQueryKeyW
Ord(172)
Ord(219)
StrRetToBufW
PathFindExtensionW
Ord(7)
SHStrDupW
Ord(174)
SHGetValueW
SHRegGetValueW
Ord(168)
PathAddBackslashW
StrFormatByteSizeW
StrCmpIW
PathCombineW
StrCSpnW
Ord(215)
Ord(9)
StrCmpLogicalW
PathRemoveFileSpecW
PathStripPathW
Ord(388)
StrStrIW
PathAppendW
SHGetThreadRef
Ord(176)
StrCmpW
Ord(10)
PathFindFileNameW
AssocCreate
Ord(158)
Ord(16)
StrStrW
PathRemoveBlanksW
PathRemoveExtensionW
Ord(8)
Ord(199)
SetFocus
GetForegroundWindow
GetParent
EndDialog
DestroyWindow
DefWindowProcW
FindWindowW
KillTimer
DestroyMenu
GetShellWindow
ShowWindow
LoadMenuW
SetWindowPos
RemoveMenu
GetWindowThreadProcessId
GetSystemMetrics
SetWindowLongW
DestroyIcon
GetWindowRect
EnableWindow
UnhookWindowsHookEx
DialogBoxParamW
SendDlgItemMessageW
GetWindow
PostMessageW
GetSysColor
RegisterClipboardFormatW
GetDC
CopyImage
GetCursorPos
ReleaseDC
GetDlgCtrlID
CheckDlgButton
SendMessageW
UnregisterClassA
GetLastActivePopup
GetWindowLongW
LoadStringW
GetClassInfoW
GetDlgItem
SetMenuDefaultItem
GetClientRect
ScreenToClient
CallNextHookEx
GetSubMenu
SetTimer
LoadImageW
GetClassNameW
TrackPopupMenu
RegisterClassW
SwitchToThisWindow
IsDlgButtonChecked
SetWindowTextW
GetWindowTextW
SetDlgItemTextW
SetWindowsHookExW
LoadCursorW
LoadIconW
SendMessageTimeoutW
CreateWindowExW
InsertMenuW
GetMenuItemCount
SetForegroundWindow
CharNextW
IsChild
GetMenuItemInfoW
timeKillEvent
timeSetEvent
GdipSetClipRectI
GdipAlloc
GdipGetImageEncodersSize
GdipCreateBitmapFromGraphics
GdipGetImageHeight
GdipFillPieI
GdipCreateSolidFill
GdipCreateBitmapFromScan0
GdipFillEllipseI
GdipDrawEllipseI
GdipGetImageEncoders
GdipDisposeImage
GdipDrawArcI
GdipCreateHBITMAPFromBitmap
GdiplusStartup
GdipCreateBitmapFromStreamICM
GdipSetSolidFillColor
GdipDeleteGraphics
GdipDrawPieI
GdipCreateBitmapFromStream
GdipCreateFromHDC
GdipCreatePen1
GdipSetInterpolationMode
GdipSaveImageToStream
GdipGetImageWidth
GdipCreateBitmapFromHBITMAP
GdipDrawImageRect
GdipGetImageGraphicsContext
GdiplusShutdown
GdipDrawImageRectRectI
GdipDeletePath
GdipDeletePen
GdipFillRectangleI
GdipCloneBrush
GdipDrawLineI
GdipSetCompositingMode
GdipFree
GdipDeleteBrush
GdipCloneImage
GdipCreatePath
GdipAddPathArcI
GdipGetPathLastPoint
malloc
??1type_info@@UAE@XZ
memset
__dllonexit
_ftol2
_CxxThrowException
wcstol
wcstok_s
_vsnwprintf
_ui64tow
_amsg_exit
?terminate@@YAXXZ
_wsplitpath_s
_lock
_onexit
_ftol2_sse
_XcptFilter
_wcsicmp
memmove_s
_unlock
_CIsqrt
ceil
_CIlog
_except_handler4_common
free
calloc
memcpy
vswprintf_s
memcpy_s
__CxxFrameHandler3
wcscspn
_vscwprintf
iswspace
wcsstr
_initterm
PE exports
Number of PE resources by type
RT_ICON 210
RT_GROUP_ICON 31
RT_MANIFEST 1
REGINST 1
MUI 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 245
PE resources
ExifTool file metadata
SubsystemVersion 6.1
InitializedDataSize 1689088
ImageVersion 6.1
ProductName Microsoft Windows Operating System
FileVersionNumber 6.1.7601.17514
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Unicode
LinkerVersion 9.0
OriginalFilename wpdshext.dll
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 6.1.7601.17514 (win7sp1_rtm.101119-1850)
TimeStamp 2010:11:20 13:09:07+01:00
FileType Win32 DLL
PEType PE32
InternalName wpdshext
FileAccessDate 2013:12:13 10:42:02+01:00
ProductVersion 6.1.7601.17514
FileDescription Portable Devices Shell Extension
OSVersion 6.1
FileCreateDate 2013:12:13 10:42:02+01:00
FileOS Windows NT 32-bit
LegalCopyright Microsoft Corporation. All rights reserved.
MachineType Intel 386 or later, and compatibles
CompanyName Microsoft Corporation
CodeSize 648192
FileSubtype 0
ProductVersionNumber 6.1.7601.17514
EntryPoint 0x16d6
ObjectFileType Dynamic link library

File identification
MD5 2e5b4ec682c6c17b82e2cecd75889b25
SHA1 cb992b8e052e49b2388645766111afc7778bc661
SHA256 90dfe6498f856c99a4b9bada4165d8daefc9dcab5dcc1a51ff789b4b04bb6024
ssdeep
24576:kvi64krRsstXCGXWfVOCWut+5q0NPno9nN2P+vh7QB/s1Y5m1h1MRJP9d6tKJ8g:khXt/XAVMuXNw+vhQ75m1r4Dd6kx

File size 2.2 MB ( 2338304 bytes )
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit
TrID DirectShow filter (55.3%)
Windows ActiveX control (31.9%)
Win32 Executable MS Visual C++ (generic) (8.5%)
Win32 Dynamic Link Library (generic) (1.8%)
Win32 Executable (generic) (1.2%)
Tags pedll
VirusTotal metadata
First submission 2013-12-13 09:38:37 UTC ( 4 years, 4 months ago )
Last submission 2013-12-13 09:38:37 UTC ( 4 years, 4 months ago )
File names wpdshext
wpdshext.dll
vt-upload-UdhB15