SHA256: 92262af686a03bdc754a50ac49a18d6a8c5d05ebcba8112241b7a5728cde0a1b
File name: SWT
Detection ratio: 0 / 65
Analysis date: 2019-04-24 08:11:55 UTC ( 4 weeks ago )
Antivirus Result Update
Acronis 20190423
Ad-Aware 20190424
AegisLab 20190424
AhnLab-V3 20190424
Alibaba 20190402
ALYac 20190424
Antiy-AVL 20190424
Arcabit 20190424
Avast 20190424
Avast-Mobile 20190424
AVG 20190424
Avira (no cloud) 20190424
Baidu 20190318
BitDefender 20190424
Bkav 20190424
CAT-QuickHeal 20190422
ClamAV 20190423
CMC 20190321
Comodo 20190424
Cybereason 20190417
Cyren 20190424
DrWeb 20190424
eGambit 20190424
Emsisoft 20190424
Endgame 20190403
ESET-NOD32 20190424
F-Prot 20190424
F-Secure 20190424
FireEye 20190424
Fortinet 20190424
GData 20190424
Ikarus 20190424
Sophos ML 20190313
Jiangmin 20190424
K7AntiVirus 20190424
K7GW 20190424
Kaspersky 20190424
Kingsoft 20190424
Malwarebytes 20190424
MAX 20190424
McAfee 20190424
McAfee-GW-Edition 20190424
Microsoft 20190424
eScan 20190424
NANO-Antivirus 20190424
Palo Alto Networks (Known Signatures) 20190424
Panda 20190423
Qihoo-360 20190424
Rising 20190424
SentinelOne (Static ML) 20190420
Sophos AV 20190424
SUPERAntiSpyware 20190423
Symantec 20190424
Symantec Mobile Insight 20190418
TACHYON 20190424
Tencent 20190424
TheHacker 20190421
TotalDefense 20190424
Trapmine 20190325
TrendMicro-HouseCall 20190424
Trustlook 20190424
VBA32 20190423
ViRobot 20190424
Yandex 20190423
Zillya 20190423
ZoneAlarm by Check Point 20190424
Zoner 20190424
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright (c) 2000, 2011 IBM Corp. All Rights Reserved.
Product Standard Widget Toolkit
Original name swt-gdip-win32-4236.dll
Internal name SWT
File version 4.236
Description SWT for Windows native library
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-01-15 21:38:42
Entry Point 0x00006351
Number of sections 5
PE sections
PE imports
GetObjectA
GetLastError
TlsGetValue
HeapFree
GetStdHandle
EnterCriticalSection
LCMapStringW
SetHandleCount
GetOEMCP
LCMapStringA
IsDebuggerPresent
ExitProcess
TlsAlloc
GetEnvironmentStringsW
GetVersionExA
LoadLibraryA
RtlUnwind
GetModuleFileNameA
FreeEnvironmentStringsA
DeleteCriticalSection
GetStartupInfoA
GetEnvironmentStrings
GetLocaleInfoA
GetCurrentProcessId
WideCharToMultiByte
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
HeapSize
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
TlsFree
GetProcessHeap
RaiseException
GetCPInfo
GetStringTypeA
GetModuleHandleA
SetUnhandledExceptionFilter
WriteFile
GetCurrentProcess
GetSystemTimeAsFileTime
GetACP
HeapReAlloc
GetStringTypeW
TerminateProcess
QueryPerformanceCounter
InitializeCriticalSection
HeapCreate
VirtualFree
HeapDestroy
Sleep
GetFileType
GetTickCount
TlsSetValue
HeapAlloc
GetCurrentThreadId
InterlockedIncrement
VirtualAlloc
SetLastError
LeaveCriticalSection
GdipDeletePrivateFontCollection
GdipSetClipPath
GdipGetFontStyle
GdipMeasureDriverString
GdipDrawRectangleI
GdipCreateFontFromDC
GdipCreateHBITMAPFromBitmap
GdipSaveGraphics
GdipScaleWorldTransform
GdipTranslateMatrix
GdipSetPenBrushFill
GdipFillPolygonI
GdipCreateBitmapFromScan0
GdipGetWorldTransform
GdipGetImagePalette
GdipDisposeImage
GdipCreateRegion
GdipBitmapLockBits
GdipGetFamilyName
GdipGetFontSize
GdipDeleteRegion
GdipGetTextRenderingHint
GdipSetMatrixElements
GdipScaleTextureTransform
GdipSetPenDashArray
GdipGetClipBounds
GdipGetImageWidth
GdipFlush
GdipCreateBitmapFromFileICM
GdipCreateFont
GdipDrawImageI
GdipDrawImageRectRectI
GdipGetClip
GdipClonePath
GdipCloneBrush
GdipCloneStringFormat
GdipFlattenPath
GdipFree
GdipIsVisiblePathPoint
GdipSetCompositingQuality
GdipGetImageHeight
GdipPrivateAddFontFile
GdipTranslateWorldTransform
GdipSetPenDashStyle
GdipSetTextRenderingHint
GdipGetPathLastPoint
GdipGetInterpolationMode
GdipAddPathBezier
GdipMultiplyMatrix
GdipGetLogFontW
GdipSetImageAttributesColorMatrix
GdipAddPathLine
GdipSetPathGradientPath
GdipGetGenericFontFamilySansSerif
GdipCreatePath2I
GdipGetPenFillType
GdipGetPathGradientPointCount
GdipDrawPolygonI
GdipSetPenLineCap197819
GdipFillPieI
GdipGetPathWorldBounds
GdipDeleteStringFormat
GdipMeasureString
GdipTransformMatrixPoints
GdipStringFormatGetGenericDefault
GdipSetPathGradientWrapMode
GdiplusStartup
GdipSetPenLineJoin
GdipGetFamily
GdipFillPath
GdipSetPathGradientPresetBlend
GdipScaleMatrix
GdipSetPenMiterLimit
GdipCreateTexture2
GdipDrawEllipseI
GdipGetPointCount
GdipFillRectangleI
GdipDisposeImageAttributes
GdipCreateBitmapFromHICON
GdipAddPathArc
GdipCreateHICONFromBitmap
GdipClosePathFigure
GdipResetClip
GdipRotateMatrix
GdipSetTextureTransform
GdipCreatePath
GdipSetWorldTransform
GdipRestoreGraphics
GdipCreateLineBrush
GdipSetPenDashOffset
GdipCreateMatrix2
GdipTranslateTextureTransform
GdipSetPathGradientCenterPoint
GdipIsInfiniteRegion
GdipIsOutlineVisiblePathPoint
GdipSetStringFormatFlags
GdipCreateRegionHrgn
GdipDrawPath
GdipShearMatrix
GdiplusShutdown
GdipDeleteFontFamily
GdipAddPathPath
GdipBitmapUnlockBits
GdipCreateBitmapFromFile
GdipSetStringFormatHotkeyPrefix
GdipDeleteFont
GdipSetPixelOffsetMode
GdipSetInterpolationMode
GdipGetImagePaletteSize
GdipCreateBitmapFromHBITMAP
GdipVectorTransformMatrixPoints
GdipSetPenWidth
GdipSetPathGradientCenterColor
GdipStartPathFigure
GdipDrawLineI
GdipIsMatrixIdentity
GdipTranslateLineTransform
GdipResetTextureTransform
GdipGetPathPoints
GdipCreateFontFamilyFromName
GdipAddPathRectangle
GdipDeleteBrush
GdipGetPenBrushFill
GdipInvertMatrix
GdipNewPrivateFontCollection
GdipDrawLinesI
GdipDrawDriverString
GdipScaleLineTransform
GdipSetImageAttributesWrapMode
GdipSetClipRectI
GdipStringFormatGetGenericTypographic
GdipGetStringFormatFlags
GdipGetClipBoundsI
GdipGetImagePixelFormat
GdipGetRegionHRgn
GdipCreateSolidFill
GdipSetPathGradientSurroundColorsWithCount
GdipSetSmoothingMode
GdipCreatePathGradientFromPath
GdipFillEllipseI
GdipDrawArcI
GdipGetDC
GdipGetBrushType
GdipCreateHatchBrush
GdipDeleteMatrix
GdipDeleteGraphics
GdipGetSmoothingMode
GdipCreateFontFromLogfontA
GdipCreateImageAttributes
GdipCreateFromHDC
GdipCreatePen2
GdipCreateRegionPath
GdipSetStringFormatTabStops
GdipSetLinePresetBlend
GdipGetVisibleClipBoundsI
GdipAlloc
GdipTransformPath
GdipGetPathTypes
GdipDeletePath
GdipDeletePen
GdipSetPathFillMode
GdipAddPathString
GdipSetClipRegion
GdipGetMatrixElements
GdipSetLineWrapMode
GdipDrawString
GdipCloneImage
GdipReleaseDC
GdipSetPageUnit
GdipResetLineTransform
PE exports
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
8.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
4.2.3.6

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
SWT for Windows native library

ImageFileCharacteristics
Executable, 32-bit, DLL

CharacterSet
Unicode

InitializedDataSize
53248

EntryPoint
0x6351

OriginalFileName
swt-gdip-win32-4236.dll

MIMEType
application/octet-stream

LegalCopyright
Copyright (c) 2000, 2011 IBM Corp. All Rights Reserved.

FileVersion
4.236

TimeStamp
2013:01:15 22:38:42+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
SWT

ProductVersion
0,0,0,0

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Windows NT

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Eclipse Foundation

CodeSize
61440

ProductName
Standard Widget Toolkit

ProductVersionNumber
0.0.0.0

FileTypeExtension
dll

ObjectFileType
Dynamic link library

CarbonBlack CarbonBlack acts as a surveillance camera for computers
While monitoring an end-user machine in-the-wild, CarbonBlack noticed the following files in execution wrote this sample to disk.
Compressed bundles
File identification
MD5 0e96693e6168cb21f05313d73e4b7c7b
SHA1 bdf538e1142e7124e01ffae287a2df50318128ba
SHA256 92262af686a03bdc754a50ac49a18d6a8c5d05ebcba8112241b7a5728cde0a1b
ssdeep 3072:9EopYEtP9b/uxtZNVpPbA/thh2nfckw7:9EopYQP9Cx7uL
authentihash 7312d6f939c503ded70db482bc65b9770618a782287a7cd5a62fa5b5a70a0c21
imphash f5db208e23b58146680604e63b4a8ae7
File size 116.0 KB ( 118784 bytes )
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags pedll
VirusTotal metadata
First submission 2013-08-23 20:12:20 UTC ( 5 years, 9 months ago )
Last submission 2017-02-09 00:46:01 UTC ( 2 years, 3 months ago )
File names swt-gdip-win32-4236.dll
sbs_ve_ambr_20160717214928.587_ 1616740
prf1658.tmp
sbs_ve_ambr_20150918193057.284_ 328747
prf3972.tmp
swt-gdip-win32-4236.dll
swt-gdip-win32-4236.dll
sbs_ve_ambr_20150401024443.106_ 262389
sbs_ve_ambr_20150329211751.249_ 1847
sbs_ve_ambr_20150520090422.141_ 1044398
swt-gdip-win32-4236.dll
0E96693E6168CB21F05313D73E4B7C7B
swt-gdip-win32-4236.dll.ffs_tmp
SWT
sbs_ve_ambr_20161113084926.609_ 487169
prfc005.tmp
sbs_ve_ambr_20160730213635.422_ 143285
sbs_ve_ambr_20160107192754.146_ 711208
swt-gdip-win32-4236.dll
sbs_ve_ambr_20160722213354.965_ 1971652
sbs_ve_ambr_20150330023241.340_ 217152
2263
bdf538e1142e7124e01ffae287a2df50318128ba.svn-base
sbs_ve_ambr_20151107224147.398_ 115793
swt-gdip-win32-4236.dll