SHA256: a38f3301cd4ad2ce7785b18e71f92b0a9bb7e4c94adc7bc47a74d609d0ee3982
File name: OKToolbar
Detection ratio: 28 / 65
Analysis date: 2018-07-19 00:04:57 UTC ( 9 months, 1 week ago )
Antivirus Result Update
Ad-Aware Generic.Zlob.4D112FA2 20180718
Antiy-AVL Trojan/Win32.SGeneric 20180719
Arcabit Generic.Zlob.4D112FA2 20180719
AVG FileRepMetagen [Malware] 20180719
AVware Trojan.Win32.Generic!BT 20180719
BitDefender Generic.Zlob.4D112FA2 20180719
Comodo UnclassifiedMalware 20180719
Cylance Unsafe 20180719
Cyren W32/Risk.JHYF-0655 20180719
Emsisoft Generic.Zlob.4D112FA2 (B) 20180719
F-Prot W32/MalwareF.JDXM 20180719
F-Secure Generic.Zlob.4D112FA2 20180719
Fortinet PossibleThreat.w 20180718
GData Generic.Zlob.4D112FA2 20180719
Kingsoft Win32.Troj.Agent.(kcloud) 20180719
MAX malware (ai score=99) 20180719
McAfee Artemis!FD8D1FD44BEA 20180719
McAfee-GW-Edition Artemis!Trojan 20180718
Microsoft Trojan:Win32/Bladi!rts 20180719
eScan Generic.Zlob.4D112FA2 20180718
Panda Generic Malware 20180718
Qihoo-360 Win32/Trojan.a41 20180719
Rising Trojan.Win32.Generic.1330319C (C64:YzY0Ol3Q7rIeE1xx) 20180719
Sophos AV Mal/Generic-S 20180718
Tencent Win32.Trojan.Zlob.Egen 20180719
VIPRE Trojan.Win32.Generic!BT 20180719
Webroot W32.Trojan.Bladi 20180719
Yandex Trojan.Zlob!ogz0J4dbqVo 20180717
AegisLab 20180719
AhnLab-V3 20180718
Alibaba 20180713
Avast-Mobile 20180718
Avira (no cloud) 20180718
Babable 20180406
Baidu 20180717
Bkav 20180718
CAT-QuickHeal 20180718
ClamAV 20180719
CMC 20180718
CrowdStrike Falcon (ML) 20180530
Cybereason 20180225
DrWeb 20180719
eGambit 20180719
Endgame 20180711
ESET-NOD32 20180718
Ikarus 20180718
Sophos ML 20180717
Jiangmin 20180719
K7AntiVirus 20180718
K7GW 20180718
Kaspersky 20180719
Malwarebytes 20180719
NANO-Antivirus 20180719
Palo Alto Networks (Known Signatures) 20180719
SentinelOne (Static ML) 20180701
SUPERAntiSpyware 20180718
Symantec 20180718
TACHYON 20180718
TheHacker 20180718
TotalDefense 20180718
TrendMicro 20180719
TrendMicro-HouseCall 20180719
Trustlook 20180719
VBA32 20180718
ViRobot 20180718
Zillya 20180718
ZoneAlarm by Check Point 20180719
Zoner 20180718
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright 2006
Product OKToolbar Module
Original name OKToolbar.DLL
Internal name OKToolbar
File version 1.19
Description OKToolbar Module
Packers identified
PEiD Armadillo v1.xx - v2.xx
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2007-03-14 08:47:52
Entry Point 0x0000930A
Number of sections 5
PE sections
PE imports
RegCloseKey
RegQueryValueExA
RegSetValueExA
RegEnumValueA
RegCreateKeyExA
RegOpenKeyExA
RegQueryInfoKeyA
Ord(42)
Ord(43)
Ord(16)
Ord(57)
Ord(23)
Ord(58)
Ord(44)
Ord(46)
Ord(21)
Ord(31)
Ord(30)
Ord(47)
Ord(15)
Ord(32)
Ord(18)
GetStockObject
ImmSetConversionStatus
ImmGetConversionStatus
ImmGetContext
GetLastError
InitializeCriticalSection
HeapFree
GetStdHandle
EnterCriticalSection
LCMapStringW
SetHandleCount
LoadLibraryA
lstrlenA
GetModuleFileNameW
GetModuleHandleW
GetOEMCP
LCMapStringA
HeapDestroy
DebugBreak
DisableThreadLibraryCalls
TlsAlloc
GetEnvironmentStringsW
GetVersionExA
GetModuleFileNameA
RtlUnwind
lstrlenW
GetLocalTime
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetEnvironmentStrings
DeleteFileA
CreateFileA
InterlockedDecrement
MultiByteToWideChar
HeapSize
FreeEnvironmentStringsW
GetCPInfo
GetCommandLineA
GetProcAddress
FlushInstructionCache
RaiseException
WideCharToMultiByte
LoadLibraryW
TlsFree
GetModuleHandleA
GetCurrentThreadId
SetUnhandledExceptionFilter
WriteFile
GetStartupInfoA
GetStringTypeA
CloseHandle
GetACP
HeapReAlloc
GetStringTypeW
GetVersion
HeapAlloc
LocalFree
TerminateProcess
GetEnvironmentVariableA
HeapCreate
VirtualFree
GetFileAttributesW
TlsGetValue
Sleep
GetFileType
TlsSetValue
IsBadCodePtr
ExitProcess
OutputDebugStringA
InterlockedIncrement
VirtualAlloc
SetLastError
LeaveCriticalSection
LoadRegTypeLib
SafeArrayAccessData
SysStringLen
SysAllocStringLen
SafeArrayUnaccessData
VariantClear
SysAllocString
VariantCopy
SafeArrayCreateVector
SysFreeString
VariantInit
ShellExecuteA
PathFileExistsA
SetFocus
GetParent
CharNextA
ShowWindow
DefWindowProcA
FindWindowA
CharLowerA
IsWindow
GetWindowRect
DispatchMessageA
UnhookWindowsHookEx
MoveWindow
EnumChildWindows
CallWindowProcA
SetWindowLongA
wvsprintfA
TranslateMessage
GetDC
GetKeyState
GetCursorPos
DestroyIcon
LoadStringA
DrawIconEx
GetWindowTextLengthA
SendMessageA
GetClientRect
CallNextHookEx
GetWindowLongA
FindWindowExA
CreateWindowExA
LoadIconA
SetWindowsHookExA
GetActiveWindow
CopyRect
LoadImageA
GetClassNameA
GetFocus
GetWindowTextA
DestroyWindow
InternetOpenUrlA
InternetQueryDataAvailable
InternetReadFile
InternetCloseHandle
InternetOpenA
HttpQueryInfoA
CoInitialize
PE exports
Number of PE resources by type
RT_ICON 3
RT_GROUP_ICON 3
TYPELIB 1
RT_MANIFEST 1
RT_STRING 1
RT_MENU 1
REGISTRY 1
RT_VERSION 1
Number of PE resources by language
KOREAN 12
PE resources
ExifTool file metadata
SubsystemVersion 4.0
LinkerVersion 6.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 1.0.0.1
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 49152
EntryPoint 0x930a
OriginalFileName OKToolbar.DLL
MIMEType application/octet-stream
LegalCopyright Copyright 2006
FileVersion 1.19
TimeStamp 2007:03:14 09:47:52+01:00
FileType Win32 DLL
PEType PE32
InternalName OKToolbar
ProductVersion 1.19
FileDescription OKToolbar Module
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Sinwoo Communication
CodeSize 53248
ProductName OKToolbar Module
ProductVersionNumber 1.0.0.1
FileTypeExtension dll
ObjectFileType Dynamic link library
File identification
MD5 fd8d1fd44bea3c122128b2b2f6ec6d17
SHA1 97c1171585af07d26d3ff16733d41a8092de687b
SHA256 a38f3301cd4ad2ce7785b18e71f92b0a9bb7e4c94adc7bc47a74d609d0ee3982
ssdeep 1536:F3zJbIIEJOJJbtTVW07P9MZ+KTlf7LC5ltpqnf0SPTJAZRPtSM:VJnxW0L9Mn7LCPtpqnfnNEPtD
authentihash 4600d368e04233887211a74282ac38a8ed2042fefc8b1ea44d2aeafca1383364
imphash ab08dc2338f85c232f798f3beedd0ac0
File size 100.0 KB ( 102400 bytes )
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit
TrID DirectShow filter (51.1%)
Windows ActiveX control (29.5%)
Win32 Executable MS Visual C++ (generic) (7.9%)
Win64 Executable (generic) (7.0%)
Win32 Dynamic Link Library (generic) (1.6%)
Tags armadillo pedll
VirusTotal metadata
First submission 2010-02-13 19:00:02 UTC ( 9 years, 2 months ago )
Last submission 2013-07-04 07:57:02 UTC ( 5 years, 9 months ago )
File names fd8d1fd44bea3c122128b2b2f6e
aa
OKToolbar.DLL
oktoolbar.dll
DDT7.reg
1466979
oktoolbar.dll-knDpno
a38f3301cd4ad2ce7785b18e71f92b0a9bb7e4c94adc7bc47a74d609d0ee3982
8vI3.gz
output.1466979.txt
OKToolbar
FD8D1FD44BEA3C122128B2B2F6EC6D17