× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 9d73e4410440f19cbde9c2fe4eae9c343a58295ac4a52af4afd2b6ad75e67a29
File name: prmtctlresrus.dll
Detection ratio: 0 / 47
Analysis date: 2013-07-14 10:44:19 UTC ( 5 years, 8 months ago )
Antivirus Result Update
Yandex 20130710
AhnLab-V3 20130710
AntiVir 20130710
Antiy-AVL 20130710
Avast 20130710
AVG 20130710
BitDefender 20130710
ByteHero 20130613
CAT-QuickHeal 20130708
ClamAV 20130710
Commtouch 20130710
Comodo 20130709
DrWeb 20130710
Emsisoft 20130710
eSafe 20130709
ESET-NOD32 20130710
F-Prot 20130710
F-Secure 20130710
Fortinet 20130710
GData 20130710
Ikarus 20130710
Jiangmin 20130710
K7AntiVirus 20130709
K7GW 20130709
Kaspersky 20130710
Kingsoft 20130708
Malwarebytes 20130710
McAfee 20130710
McAfee-GW-Edition 20130710
Microsoft 20130710
eScan 20130710
NANO-Antivirus 20130710
Norman 20130708
nProtect 20130710
Panda 20130710
PCTools 20130710
Rising 20130709
Sophos AV 20130710
SUPERAntiSpyware 20130710
Symantec 20130710
TheHacker 20130710
TotalDefense 20130710
TrendMicro 20130710
TrendMicro-HouseCall 20130710
VBA32 20130710
VIPRE 20130710
ViRobot 20130710
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
Copyright (c) PROMT Ltd., 2003-2011

Publisher PROMT
Product Machine Translation Systems of PROMT company
Version 9.00
Original name PRMTCTLRESXXX.DLL
Internal name PRMTCTL
File version 9.1.100
Description PROMT Translation Kernel resource
Comments PROMT Translation Kernel resource dll
Signature verification Signed file, verified signature
Signing date 2:27 PM 9/16/2011
Signers
[+] PROMT
Status Certificate out of its validity period
Issuer None
Valid from 1:00 AM 9/23/2009
Valid to 12:59 AM 11/23/2012
Valid usage Code Signing
Algorithm SHA1
Thumbprint 77B8C8B0F0049EE974F1A4846FC5D4CCF0691B20
Serial number 16 E3 67 86 41 6B 8B A8 55 35 93 A4 52 5D E1 0B
[+] VeriSign Class 3 Code Signing 2009-2 CA
Status Valid
Issuer None
Valid from 1:00 AM 5/21/2009
Valid to 12:59 AM 5/21/2019
Valid usage Client Auth, Code Signing
Algorithm SHA1
Thumbprint 12D4872BC3EF019E7E0B6F132480AE29DB5B1CA3
Serial number 65 52 26 E1 B2 2E 18 E1 59 0F 29 85 AC 22 E7 5C
[+] VeriSign Class 3 Public Primary Certification Authority (PCA3 G1 SHA1)
Status Valid
Issuer None
Valid from 1:00 AM 1/29/1996
Valid to 12:59 AM 8/3/2028
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm SHA1
Thumbprint A1DB6393916F17E4185509400415C70240B0AE6B
Serial number 3C 91 31 CB 1F F6 D0 1B 0E 9A B8 D0 44 BF 12 BE
Counter signers
[+] VeriSign Time Stamping Services Signer - G2
Status Certificate out of its validity period
Issuer None
Valid from 1:00 AM 6/15/2007
Valid to 12:59 AM 6/15/2012
Valid usage Timestamp Signing
Algorithm SHA1
Thumbrint ADA8AAA643FF7DC38DD40FA4C97AD559FF4846DE
Serial number 38 25 D7 FA F8 61 AF 9E F4 90 E7 26 B5 D6 5A D5
[+] VeriSign Time Stamping Services CA
Status Valid
Issuer None
Valid from 1:00 AM 12/4/2003
Valid to 12:59 AM 12/4/2013
Valid usage Timestamp Signing
Algorithm SHA1
Thumbrint F46AC0C6EFBB8C6A14F55F09E2D37DF4C0DE012D
Serial number 47 BF 19 95 DF 8D 52 46 43 F7 DB 6D 48 0D 31 A4
[+] Thawte Timestamping CA
Status Valid
Issuer None
Valid from 1:00 AM 1/1/1997
Valid to 12:59 AM 1/1/2021
Valid usage Timestamp Signing
Algorithm MD5
Thumbrint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2011-09-16 13:27:51
Number of sections 3
PE sections
Number of PE resources by type
RT_DIALOG 38
RT_ICON 33
RT_STRING 25
RT_CURSOR 22
RT_GROUP_CURSOR 11
RT_MENU 9
RT_GROUP_ICON 8
REGISTRY 4
RT_BITMAP 4
Struct(240) 2
AVI 2
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 85
RUSSIAN 74
ENGLISH US 1
PE resources
ExifTool file metadata
UninitializedDataSize
0

Comments
PROMT Translation Kernel resource dll

LinkerVersion
8.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
9.1.100.0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
159744

FileOS
Win32

MIMEType
application/octet-stream

LegalCopyright
Copyright (c) PROMT Ltd., 2003-2011

FileVersion
9.1.100

TimeStamp
2011:09:16 14:27:51+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
PRMTCTL

SubsystemVersion
4.0

ProductVersion
9.0

FileDescription
PROMT Translation Kernel resource

OSVersion
4.0

OriginalFilename
PRMTCTLRESXXX.DLL

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
PROMT Ltd.

CodeSize
0

ProductName
Machine Translation Systems of PROMT company

ProductVersionNumber
9.0.0.0

EntryPoint
0x0000

ObjectFileType
Dynamic link library

Compressed bundles
File identification
MD5 b583c5d6a1b66cc57eb3eb0ee854ba02
SHA1 c925f404ab07432ed5326f1ca55ea308dd03d78e
SHA256 9d73e4410440f19cbde9c2fe4eae9c343a58295ac4a52af4afd2b6ad75e67a29
ssdeep
1536:Ih9yIyVs5grhD4uHu/3QcXoZF7OVx5WyThl9I4mL8H5yQU395yCGHh+k4/K7+kY/:4QIyC5i4uH23QcXgyTqpIxApGHk8rWh

File size 165.4 KB ( 169352 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags
signed pedll

VirusTotal metadata
First submission 2013-07-14 07:53:45 UTC ( 5 years, 8 months ago )
Last submission 2013-07-14 10:44:19 UTC ( 5 years, 8 months ago )
File names vt-upload-dUANX
PRMTCTL
PRMTCTLRESXXX.DLL
PrmtCtlResRUS.dll
prmtctlresrus.dll
vt-upload-NW38K
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!