× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: a0bf5f1ed8d34fd0b6cb1432618986f90256ef4f8c86a1460823e6dfa8edd8ca
File name: smona124907697593747904417
Detection ratio: 0 / 41
Analysis date: 2009-07-31 23:54:07 UTC ( 4 years, 8 months ago ) View latest
Probably harmless! There are strong indicators suggesting that this file is safe to use.
Antivirus Result Update
AVG 20090731
AhnLab-V3 20090731
AntiVir 20090731
Antiy-AVL 20090731
Authentium 20090731
Avast 20090731
BitDefender 20090731
CAT-QuickHeal 20090730
ClamAV 20090731
Comodo 20090731
DrWeb 20090731
F-Prot 20090731
F-Secure 20090731
Fortinet 20090731
GData 20090731
Ikarus 20090731
Jiangmin 20090731
K7AntiVirus 20090731
Kaspersky 20090731
McAfee 20090731
McAfee+Artemis 20090731
McAfee-GW-Edition 20090731
Microsoft 20090731
NOD32 20090731
Norman 20090731
PCTools 20090731
Panda 20090731
Prevx 20090731
Rising 20090731
Sophos 20090731
Sunbelt 20090731
Symantec 20090731
TheHacker 20090730
TrendMicro 20090731
VBA32 20090731
ViRobot 20090731
VirusBuster 20090731
a-squared 20090731
eSafe 20090730
eTrust-Vet 20090731
nProtect 20090731
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
Authenticode signature block
Copyright
Copyright © 1987-2000 Microsoft Corp.

Publisher Microsoft Corporation
Product Microsoft Winsock Control
Internal name MSWINSCK.OCX
File version 6.01.9816
Description Microsoft Winsock Control DLL
Comments March 24, 2009
Signature verification Signed file, verified signature
Signing date 8:56 PM 3/24/2009
Signers
[+] Microsoft Corporation
Status Certificate out of its validity period
Valid from 10:24 PM 10/22/2008
Valid to 10:34 PM 1/22/2010
Valid usage Code Signing
Algorithm SHA1
Thumbrint 9E95C625D81B2BA9C72FD70275C3699613AF61E3
Serial number 61 06 27 81 00 00 00 00 00 08
[+] Microsoft Code Signing PCA
Status Certificate out of its validity period
Valid from 11:31 PM 8/22/2007
Valid to 8:00 AM 8/25/2012
Valid usage Code Signing
Algorithm SHA1
Thumbrint 3036E3B25B88A55B86FC90E6E9EAAD5081445166
Serial number 2E AB 11 DC 50 FF 5C 9D CB C0
[+] Microsoft Root Authority
Status Valid
Valid from 8:00 AM 1/10/1997
Valid to 8:00 AM 12/31/2020
Valid usage All
Algorithm MD5
Thumbrint A43489159A520F0D93D032CCAF37E7FE20A8B419
Serial number 00 C1 00 8B 3C 3C 88 11 D1 3E F6 63 EC DF 40
Counter signers
[+] Microsoft Timestamping Service
Status Certificate out of its validity period
Valid from 2:53 AM 9/16/2006
Valid to 3:03 AM 9/16/2011
Valid usage Timestamp Signing
Algorithm SHA1
Thumbrint A1DC024FC8B2A76745D4661F663B8741C3D35313
Serial number 61 47 52 BA 00 00 00 00 00 04
[+] Microsoft Timestamping PCA
Status Valid
Valid from 2:04 AM 9/16/2006
Valid to 8:00 AM 9/15/2019
Valid usage Timestamp Signing
Algorithm SHA1
Thumbrint 3EA99A60058275E0ED83B892A909449F8C33B245
Serial number 6A 0B 99 4F C0 00 25 AB 11 DB 45 1F 58 7A 67 A2
[+] Microsoft Root Authority
Status Valid
Valid from 8:00 AM 1/10/1997
Valid to 8:00 AM 12/31/2020
Valid usage All
Algorithm MD5
Thumbrint A43489159A520F0D93D032CCAF37E7FE20A8B419
Serial number 00 C1 00 8B 3C 3C 88 11 D1 3E F6 63 EC DF 40
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2009-03-24 17:47:18
Entry Point 0x000012F8
Number of sections 4
PE sections
PE imports
RegDeleteKeyA
RegCloseKey
RegQueryValueA
RegQueryValueExA
RegSetValueExA
RegDeleteValueA
RegCreateKeyExA
RegOpenKeyExA
RegEnumKeyExA
GetDeviceCaps
GetObjectA
SelectObject
GetWindowExtEx
SetMapMode
DeleteDC
CreateDCA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
CreateRectRgnIndirect
LPtoDP
BitBlt
GetViewportExtEx
CreateCompatibleDC
DeleteObject
GetLastError
HeapFree
EnterCriticalSection
lstrlenA
GetFileAttributesA
FreeLibrary
HeapAlloc
IsBadWritePtr
GetModuleFileNameA
LoadLibraryA
DeleteCriticalSection
GetLocaleInfoA
LockResource
lstrlenW
GetWindowsDirectoryA
MultiByteToWideChar
GetProcAddress
GetProcessHeap
WideCharToMultiByte
lstrcmpiA
lstrcmpA
InterlockedIncrement
DisableThreadLibraryCalls
HeapReAlloc
GetVersion
LocalFree
InitializeCriticalSection
LoadResource
InterlockedDecrement
FormatMessageA
GetTickCount
GetCurrentThreadId
FindResourceA
SetLastError
LeaveCriticalSection
SysStringLen
SysStringByteLen
SysAllocString
SafeArrayCreate
SafeArrayGetElemsize
OleCreatePropertyFrame
CreateErrorInfo
SafeArrayAccessData
SafeArrayGetLBound
UnRegisterTypeLib
SafeArrayUnaccessData
SafeArrayDestroy
SafeArrayGetUBound
VariantInit
LoadTypeLibEx
LoadTypeLib
SysFreeString
SysAllocStringByteLen
LoadRegTypeLib
VariantChangeType
SafeArrayRedim
SetErrorInfo
SysAllocStringLen
RegisterTypeLib
VariantClear
GetErrorInfo
SafeArrayGetDim
SetFocus
DrawEdge
RegisterClassA
GetParent
IntersectRect
EndDialog
BeginPaint
OffsetRect
CreateDialogIndirectParamA
KillTimer
DefWindowProcA
ShowWindow
MessageBeep
LoadBitmapA
SetWindowPos
SetWindowRgn
SendDlgItemMessageA
GetSystemMetrics
IsWindow
GetWindowRect
EndPaint
SetDlgItemTextA
PostMessageA
MoveWindow
GetDlgItemTextA
MessageBoxA
PeekMessageA
SetWindowLongA
GetWindowLongA
IsWindowEnabled
GetWindow
GetDlgItemInt
GetDC
GetKeyState
ReleaseDC
EqualRect
LoadStringA
SetParent
IsWindowVisible
SendMessageA
DialogBoxParamA
GetClientRect
SetTimer
GetDlgItem
WinHelpA
GetNextDlgTabItem
ClientToScreen
wsprintfA
CreateWindowExA
LoadCursorA
GetActiveWindow
CharNextA
SetDlgItemInt
UnregisterClassA
DestroyWindow
IsChild
IsDialogMessageA
PtInRect
shutdown
accept
ioctlsocket
WSAStartup
connect
getsockname
htons
inet_ntoa
WSAGetLastError
WSACancelAsyncRequest
gethostname
getsockopt
WSAAsyncGetHostByName
recv
inet_addr
send
ntohs
select
gethostbyaddr
WSAAsyncGetHostByAddr
listen
__WSAFDIsSet
WSAAsyncSelect
gethostbyname
WSASetLastError
WSACleanup
closesocket
setsockopt
socket
getpeername
bind
recvfrom
sendto
CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc
CreateOleAdviseHolder
PE exports
Number of PE resources by type
RT_STRING 20
RT_DIALOG 2
RT_ICON 2
RT_GROUP_ICON 2
TYPELIB 1
RT_BITMAP 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 29
ExifTool file metadata
LegalTrademarks
Microsoft is a registered trademark of Microsoft Corporation. Windows(tm) is a trademark of Microsoft Corporation.

SubsystemVersion
4.0

Comments
March 24, 2009

InitializedDataSize
34816

ImageVersion
0.0

ProductName
Microsoft Winsock Control

FileVersionNumber
6.1.98.16

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Windows, Latin1

LinkerVersion
5.2

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
6.01.9816

TimeStamp
2009:03:24 18:47:18+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
MSWINSCK.OCX

FileAccessDate
2014:04:22 15:08:00+01:00

ProductVersion
6.01.9816

FileDescription
Microsoft Winsock Control DLL

OSVersion
4.0

FileCreateDate
2014:04:22 15:08:00+01:00

FileOS
Windows NT 32-bit

LegalCopyright
Copyright 1987-2000 Microsoft Corp.

MachineType
Intel 386 or later, and compatibles

CompanyName
Microsoft Corporation

CodeSize
71680

FileSubtype
0

ProductVersionNumber
6.1.98.16

EntryPoint
0x12f8

ObjectFileType
Dynamic link library

Execution parents
PE resource-wise parents
Compressed bundles
File identification
MD5 40fce4be52f6015c23fd96a4b3351357
SHA1 f4a23cee42125f20444a4b005555d631df2aaacf
SHA256 a0bf5f1ed8d34fd0b6cb1432618986f90256ef4f8c86a1460823e6dfa8edd8ca
ssdeep
3072:0FC6rqnaHjlH2czX/t9VO5XJicR4Wp/J3HA3+CZYZ1c:0FClQhH9VDcRfDoCc

imphash 4d78a6f6ab4a33532c81e798de411de2
File size 124.8 KB ( 127808 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID Windows ActiveX control (87.1%)
Win32 Dynamic Link Library (generic) (4.9%)
Win32 Executable (generic) (3.3%)
Win16/32 Executable Delphi generic (1.5%)
Generic Win/DOS Executable (1.4%)
Tags
peexe pedll signed

VirusTotal metadata
First submission 2009-07-14 04:08:50 UTC ( 4 years, 9 months ago )
Last submission 2014-04-04 06:08:20 UTC ( 3 weeks ago )
File names smona132636838880072584756
a0bf5f1ed8d34fd0b6cb1432618986f90256ef4f8c86a1460823e6dfa8edd8ca
40FCE4BE52F6015C23FD96A4B3351357
smona131405842409052849651
C3DE0282C7C5F4A34DB541.ocx
smona131680077769839152641
output.2044265.txt
Mswinsck.ocx
smona130723209398025304941
2044265
smona131186522796937008991
smona132166907068633130491
mswinsck.ocx
smona132155861832779692928
smona131375737198183203837
mswinsck[1].ocx
40fce4be52f6015c23fd96a4b3351357.EXE
40fce4be52f6015c23fd96a4b3351357
smona131471231209074944713
smona132223153343624318211
smona124825283175050247868
mswinsck.ocx
MSWINSCK.ocx
mswinsck (1).ocx
smona132413602123347670183
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!