SHA256: a6b79e81bb8e2d78a75487f613d909c20e8e06a5f2819b2625b1ffb7fd25fc47
File name: 2.dll
Detection ratio: 1 / 57
Analysis date: 2015-03-19 10:34:38 UTC ( 4 years, 2 months ago )
Antivirus Result Update
Fortinet W32/Dridex.H!tr 20150319
Ad-Aware 20150319
AegisLab 20150319
Yandex 20150318
AhnLab-V3 20150318
Alibaba 20150319
ALYac 20150319
Antiy-AVL 20150319
Avast 20150319
AVG 20150319
Avira (no cloud) 20150319
AVware 20150319
Baidu-International 20150319
BitDefender 20150319
Bkav 20150318
ByteHero 20150319
CAT-QuickHeal 20150318
ClamAV 20150319
CMC 20150317
Comodo 20150319
Cyren 20150319
DrWeb 20150319
Emsisoft 20150319
ESET-NOD32 20150319
F-Prot 20150319
F-Secure 20150319
GData 20150319
Ikarus 20150319
Jiangmin 20150318
K7AntiVirus 20150319
K7GW 20150319
Kaspersky 20150319
Kingsoft 20150319
Malwarebytes 20150319
McAfee 20150319
McAfee-GW-Edition 20150319
Microsoft 20150319
eScan 20150319
NANO-Antivirus 20150319
Norman 20150319
nProtect 20150319
Panda 20150318
Qihoo-360 20150319
Rising 20150318
Sophos AV 20150319
SUPERAntiSpyware 20150319
Symantec 20150319
Tencent 20150319
TheHacker 20150319
TotalDefense 20150318
TrendMicro 20150319
TrendMicro-HouseCall 20150319
VBA32 20150318
VIPRE 20150319
ViRobot 20150319
Zillya 20150318
Zoner 20150319
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
© ?????????? ??????????. ??? ????? ????????.

Publisher ?????????? ??????????
Product ???????????? ??????? Microsoft® Windows®
Original name DInput8.dll
Internal name DInput8.dll
File version 5.03.2621.5512 (xpsp.080413-0845)
Description Microsoft DirectInput
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1992-07-26 04:31:58
Entry Point 0x00005DF0
Number of sections 4
PE sections
PE imports
PauseClusterNode
GetClusterInformation
ClusterOpenEnum
GetTextExtentPointW
VerLanguageNameA
GetLastError
GetSystemWow64DirectoryA
GetAtomNameW
FreeLibrary
IsDBCSLeadByteEx
DeleteTimerQueueEx
TlsAlloc
FlushFileBuffers
LoadLibraryA
DeleteVolumeMountPointA
GetCurrentProcess
GetEnvironmentStrings
GetPrivateProfileStringA
WritePrivateProfileStringA
LocalAlloc
OpenProcess
GetProfileSectionW
IsDBCSLeadByte
WriteConsoleInputW
GetFileInformationByHandle
GetVolumeInformationW
GetStartupInfoW
GetLogicalDrives
VirtualLock
SetVolumeMountPointW
GetProcAddress
QueryMemoryResourceNotification
InterlockedCompareExchange
EnumCalendarInfoW
WaitCommEvent
CreateWaitableTimerW
GetSystemDefaultLangID
FindResourceExA
RaiseException
GetFirmwareEnvironmentVariableW
ReleaseSemaphore
GlobalUnfix
GetModuleHandleA
VirtualUnlock
GetSystemTimeAdjustment
InterlockedExchange
GetStartupInfoA
SetFirmwareEnvironmentVariableA
CreateTimerQueueTimer
GetSystemDirectoryA
GetNumberOfConsoleMouseButtons
SetThreadIdealProcessor
MoveFileExA
ExpandEnvironmentStringsA
ReadConsoleA
LocalFree
TerminateProcess
FindFirstVolumeA
SetHandleCount
GetNumberFormatA
HeapCreate
FindFirstVolumeMountPointW
SetFileApisToOEM
WriteProfileSectionW
MoveFileW
SetMessageWaitingIndicator
GetProcessVersion
HeapValidate
SetMailslotInfo
ExitProcess
MprInfoBlockSet
MprConfigTransportGetInfo
BSTR_UserFree
VarR4FromDec
SHInvokePrinterCommandW
fputc
malloc
wprintf
fseek
vfwprintf
asctime
setbuf
strcoll
getchar
_chkstk
wcstoul
memset
memcpy
wcslen
wcscspn
memcmp
strcmp
PdhReadRawLogRecord
PdhCollectQueryDataEx
PdhCollectQueryData
PdhGetDefaultPerfCounterA
PdhGetCounterInfoW
WriteHitLogging
CoInternetGetSecurityUrl
ReleaseBindInfo
GetComponentIDFromCLSSPEC
CompareSecurityIds
PE exports
Number of PE resources by type
RT_STRING 93
RT_RCDATA 9
RT_VERSION 1
Number of PE resources by language
RUSSIAN 103
PE resources
ExifTool file metadata
SubsystemVersion
5.0

LinkerVersion
5.2

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
5.3.2621.5512

UninitializedDataSize
0

LanguageCode
Russian

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
57344

OriginalFilename
DInput8.dll

MIMEType
application/octet-stream

LegalCopyright
. .

FileVersion
5.03.2621.5512 (xpsp.080413-0845)

TimeStamp
1992:07:26 05:31:58+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
DInput8.dll

ProductVersion
5.03.2621.5512

FileDescription
Microsoft DirectInput

OSVersion
4.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CodeSize
315392

ProductName
Microsoft Windows

ProductVersionNumber
5.3.2621.5512

EntryPoint
0x5df0

ObjectFileType
Dynamic link library

File identification
MD5 6fff9c2afb09dbe50ffb2b79617d854c
SHA1 033857be9e5835db1d9b7676714127eee2adab78
SHA256 a6b79e81bb8e2d78a75487f613d909c20e8e06a5f2819b2625b1ffb7fd25fc47
ssdeep
6144:DXcrDLpSWr4ejIGdh/DlZHsnp+/EIeB+SQ1Ev0ojaOCAa3tTHHe:Ir34mISDEgUQ1Ev0ojeZ

authentihash 7065b758191718f8e23d8da384099a1a0fbfcf4f29ff630118a056393160ad54
imphash caf6846cbd53179577c4a96e25ab7837
File size 364.0 KB ( 372736 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.4%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags
pedll

VirusTotal metadata
First submission 2015-03-19 10:34:38 UTC ( 4 years, 2 months ago )
Last submission 2015-03-19 14:08:28 UTC ( 4 years, 2 months ago )
File names 2.dll
DInput8.dll
2.tmp
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight