SHA256: 9e0349256a52e803bcdbbb2cedcfe378b125cf597ba28b382307bb515513a852
File name: 505a5510c631b5f4d2f63c9980080af28cc6a1de_uy6re3uxl4s8qwlc0nlvt4wu...
Detection ratio: 48 / 56
Analysis date: 2015-01-12 20:45:59 UTC ( 4 years, 1 month ago )
Antivirus Result Update
Ad-Aware Trojan.Generic.3176631 20150112
Yandex Trojan.DR.TDSS!mXZYZBvz8Nk 20150112
AhnLab-V3 Win-Trojan/TDSS4.Gen 20150112
ALYac Trojan.Generic.3176631 20150112
Antiy-AVL Trojan[Packed]/Win32.Krap 20150112
Avast Win32:Fraudo [Trj] 20150112
AVG Downloader.Agent2.RDC 20150112
Avira (no cloud) TR/Crypt.XPACK.Gen 20150110
AVware Trojan-Dropper.Win32.TDSS.h (v) 20150112
Baidu-International Trojan.Win32.Krap.AKx 20150112
BitDefender Trojan.Generic.3176631 20150112
CAT-QuickHeal Win32.Rootkit.TDSS.eyj.5 20150112
ClamAV Trojan.Downloader-87622 20150112
Comodo TrojWare.Win32.TrojanDownloader.Adload.NFW0 20150112
Cyren W32/Alureon.J.gen!Eldorado 20150112
DrWeb Trojan.MulDrop.59180 20150112
Emsisoft Trojan.Generic.3176631 (B) 20150112
ESET-NOD32 Win32/TrojanDownloader.Adload.NFW 20150112
F-Prot W32/TDSS.T 20150112
F-Secure Trojan.Generic.3176631 20150112
Fortinet W32/TDSS.H!tr 20150111
GData Trojan.Generic.3176631 20150112
Ikarus Trojan-Dropper.Win32.TDSS 20150112
Jiangmin TrojanDropper.TDSS.e 20150112
K7AntiVirus Trojan-Downloader ( 001292e11 ) 20150112
K7GW Trojan-Downloader ( 001292e11 ) 20150112
Kaspersky Packed.Win32.Krap.io 20150112
Kingsoft Win32.Troj.TDSS.h.(kcloud) 20150112
Malwarebytes Rootkit.TDSS 20150112
McAfee Generic Dropper.nv 20150112
McAfee-GW-Edition BehavesLike.Win32.Downloader.cc 20150112
Microsoft Trojan:Win32/Alureon.CO 20150112
eScan Trojan.Generic.3176631 20150112
NANO-Antivirus Trojan.Win32.TDSS.zfhgp 20150112
Norman DNSChanger.GQIF 20150112
nProtect Trojan-Dropper/W32.TDSS.123392 20150112
Qihoo-360 HEUR/Malware.QVM20.Gen 20150112
Rising PE:Trojan.Win32.Generic.11E9E91B!300542235 20150112
Sophos AV Mal/Generic-S 20150112
SUPERAntiSpyware Trojan.Agent/Gen 20150112
Symantec Trojan.FakeAV!gen25 20150112
Tencent Win32.Packed.Krap.Amcl 20150112
TheHacker Trojan/Dropper.TDSS.h 20150112
TrendMicro TROJ_KRYPT.SMZT 20150112
TrendMicro-HouseCall TROJ_KRYPT.SMZT 20150112
VIPRE Trojan-Dropper.Win32.TDSS.h (v) 20150112
ViRobot Dropper.TDSS.75888[h] 20150112
Zillya Dropper.TDSS.Win32.2 20150112
AegisLab 20150112
Bkav 20150112
ByteHero 20150112
CMC 20150109
Panda 20150112
TotalDefense 20150112
VBA32 20150112
Zoner 20150112
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright © 2000-2009
Publisher Google Inc.
Product Google Toolbar for Internet Explorer
Original name GoogleToolbarDynamic.dll
Internal name GoogleToolbarDynamic
File version 6, 3, 1106, 427
Description Google Toolbar for Internet Explorer
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2005-07-04 12:12:24
Entry Point 0x00001000
Number of sections 5
PE sections
PE imports
HeapAlloc
GetLastError
GetStartupInfoA
InitializeCriticalSection
GetModuleHandleA
lstrlenA
CreateDirectoryA
SetUnhandledExceptionFilter
VirtualFree
QueryPerformanceCounter
MultiByteToWideChar
ExitProcess
CloseHandle
GetCommandLineA
RemoveDirectoryA
RtlUnwind
SleepEx
SetLastError
RegOpenKeyExA
RegEnumKeyA
RegLoadKeyA
RegQueryValueA
CreateStreamOnHGlobal
OleLockRunning
CoUninitialize
CoInitialize
OleInitialize
OleSaveToStream
CoCreateInstance
OleUninitialize
GetConvertStg
CreateFileMoniker
OleGetClipboard
OleDuplicateData
WriteFmtUserTypeStg
CoGetClassObject
SHGetFileInfoA
SHBindToParent
ShellExecuteExA
SHGetDesktopFolder
SHGetPathFromIDListA
SHGetMalloc
SHFileOperationA
CharPrevA
CharToOemBuffA
ShowCursor
DispatchMessageA
BeginPaint
CreateIcon
CharUpperBuffA
MessageBoxA
CreateAcceleratorTableA
LoadBitmapA
HttpSendRequestA
InternetQueryDataAvailable
HttpOpenRequestA
HttpAddRequestHeadersA
InternetCloseHandle
InternetGetLastResponseInfoA
InternetConnectA
InternetGetCookieA
InternetSetStatusCallbackA
InternetSetOptionExA
HttpQueryInfoA
InternetCrackUrlA
Number of PE resources by type
RT_DIALOG 5
RT_GROUP_CURSOR 2
RT_CURSOR 2
RT_VERSION 1
Number of PE resources by language
NEUTRAL 10
PE resources
ExifTool file metadata
SubsystemVersion 4.0
LinkerVersion 7.1
ImageVersion 4.0
FileSubtype 0
FileVersionNumber 6.3.1106.427
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 122880
FileOS Windows NT 32-bit
MIMEType application/octet-stream
LegalCopyright Copyright 2000-2009
FileVersion 6, 3, 1106, 427
TimeStamp 2005:07:04 13:12:24+01:00
FileType Win32 EXE
PEType PE32
InternalName GoogleToolbarDynamic
FileAccessDate 2015:01:12 21:45:53+01:00
ProductVersion 6, 3, 1106, 427
FileDescription Google Toolbar for Internet Explorer
OSVersion 4.0
FileCreateDate 2015:01:12 21:45:53+01:00
OriginalFilename GoogleToolbarDynamic.dll
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Google Inc.
CodeSize 8192
ProductName Google Toolbar for Internet Explorer
ProductVersionNumber 6.3.1106.427
EntryPoint 0x1000
ObjectFileType Dynamic link library

File identification
MD5 e4ef9d435747b38997d55a0b89dd394d
SHA1 505a5510c631b5f4d2f63c9980080af28cc6a1de
SHA256 9e0349256a52e803bcdbbb2cedcfe378b125cf597ba28b382307bb515513a852
ssdeep 3072:y52mmWu04fRJlL43ioKaj8nDfnnAODWmGqioemiDDGceYh:82dtjpJoP4v1WVqIDHe
authentihash e585dee3ecc2578e41e1561c8557ff14f7da81321049e7b7c733b1d93c0cd1e3
imphash 1574ee4887dd61fd86810508edb41dc3
File size 120.5 KB ( 123392 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags peexe
VirusTotal metadata
First submission 2010-01-20 17:31:01 UTC ( 9 years ago )
Last submission 2015-01-12 20:45:59 UTC ( 4 years, 1 month ago )
File names 505a5510c631b5f4d2f63c9980080af28cc6a1de_uy6re3uxl4s8qwlc0nlvt4wu.ex
GoogleToolbarDynamic
GoogleToolbarDynamic.dll
505a5510c631b5f4d2f63c9980080af28cc6a1de_uy6re3uxl4s8qwlc0nlvt4wu.html@c=bbd161816aaf2fa1be5486a972aa391c
E4EF9D435747B38997D55A0B89DD394D
e4ef9d435747b38997d55a0b89dd394d.dat
GsoWLmG.docx
Vc7d2.rtf
e4ef9d435747b38997d55a0b89dd394d
aa