SHA256: a878fadd11d50b1a7b34e96dc37965c776e42db16d789b3fc00385f1d369fd32
File name: keyinit.dll
Detection ratio: 38 / 67
Analysis date: 2018-07-22 23:25:21 UTC ( 8 months ago )
Antivirus Result Update
Ad-Aware Trojan.Generic.8028993 20180722
ALYac Hijacker.KeyInit 20180722
Antiy-AVL Trojan/Win32.TSGeneric 20180722
Arcabit Trojan.Generic.D7A8341 20180722
Avast FileRepMalware 20180722
AVG FileRepMalware 20180722
Avira (no cloud) TR/BHO.Gen 20180722
AVware Trojan.Win32.Generic!BT 20180722
BitDefender Trojan.Generic.8028993 20180722
ClamAV Win.Trojan.Agent-990192 20180722
Cylance Unsafe 20180723
Cyren W32/Trojan.XBGC-7628 20180722
Emsisoft Trojan.Generic.8028993 (B) 20180722
F-Prot W32/Trojan4.DJN 20180722
F-Secure Trojan.Generic.8028993 20180722
Fortinet W32/BHO.J 20180722
GData Trojan.Generic.8028993 20180722
Ikarus Trojan.Win32.Agent 20180722
Kaspersky UDS:DangerousObject.Multi.Generic 20180722
MAX malware (ai score=98) 20180723
McAfee Generic.dx!87C661053942 20180722
McAfee-GW-Edition Generic.dx!87C661053942 20180722
Microsoft Trojan:Win32/Bitrep.A 20180722
eScan Trojan.Generic.8028993 20180722
NANO-Antivirus Trojan.Win32.BHO.byaig 20180722
Panda Trj/CI.A 20180722
Qihoo-360 Win32/Trojan.4f9 20180723
Rising Trojan.Win32.Generic.12A4FC97 (C64:YzY0OvgxUlJs39d6) 20180722
Sophos AV Mal/BHO-J 20180722
Symantec ML.Attribute.HighConfidence 20180722
Tencent Win32.Trojan.Generic.Ecug 20180723
TrendMicro ADW_KEYINIT 20180722
TrendMicro-HouseCall ADW_KEYINIT 20180722
VIPRE Trojan.Win32.Generic!BT 20180722
Webroot Adware.Adware-BHO.Gen.X 20180723
Yandex Trojan.BHO!PhjFH+WVXnc 20180720
Zillya Trojan.Agent.Win32.141912 20180720
ZoneAlarm by Check Point UDS:DangerousObject.Multi.Generic 20180722
AegisLab 20180722
AhnLab-V3 20180722
Alibaba 20180713
Avast-Mobile 20180722
Babable 20180406
Baidu 20180717
Bkav 20180719
CAT-QuickHeal 20180722
CMC 20180722
Comodo 20180722
CrowdStrike Falcon (ML) 20180530
Cybereason 20180225
DrWeb 20180722
eGambit 20180723
Endgame 20180711
ESET-NOD32 20180722
Sophos ML 20180717
Jiangmin 20180722
K7AntiVirus 20180722
K7GW 20180722
Kingsoft 20180723
Malwarebytes 20180722
Palo Alto Networks (Known Signatures) 20180723
SentinelOne (Static ML) 20180701
SUPERAntiSpyware 20180722
TACHYON 20180722
TheHacker 20180722
TotalDefense 20180722
Trustlook 20180723
VBA32 20180720
ViRobot 20180722
Zoner 20180721
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1992-06-19 22:22:17
Entry Point 0x000BB970
Number of sections 3
PE sections
PE imports
LoadLibraryA
GetProcAddress
RegFlushKey
ImageList_Add
SaveDC
OleDraw
VariantCopy
VerQueryValueA
PE exports
Number of PE resources by type
RT_STRING 25
RT_BITMAP 11
RT_GROUP_CURSOR 7
RT_CURSOR 7
RT_RCDATA 4
RT_DIALOG 1
Number of PE resources by language
NEUTRAL 55
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
TimeStamp 1992:06:19 23:22:17+01:00
FileType Win32 DLL
PEType PE32
CodeSize 282624
LinkerVersion 2.25
FileTypeExtension dll
InitializedDataSize 4096
SubsystemVersion 4.0
EntryPoint 0xbb970
OSVersion 4.0
ImageVersion 0.0
UninitializedDataSize 483328
File identification
MD5 87c661053942900baa2636548b7ce84f
SHA1 6150380b87b13700e92fe84f7e62c0ea5cc4a5ca
SHA256 a878fadd11d50b1a7b34e96dc37965c776e42db16d789b3fc00385f1d369fd32
ssdeep 6144:DOqgSt2l4S9skQGAdyywMXYFZogPunJiqu10qMPczx70bj2t78uAz:KxStdS9skeuSUtqu1ok0fAA
authentihash c347a8161004266bceef97bbd16eb3696f690298aa6ea281219b68ea5332959e
imphash a37a53de636be73906862050fb448ea6
File size 280.0 KB ( 286720 bytes )
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit
TrID UPX compressed Win32 Executable (37.1%)
Win32 EXE Yoda's Crypter (36.4%)
Win32 Dynamic Link Library (generic) (9.0%)
Win32 Executable (generic) (6.1%)
Win16/32 Executable Delphi generic (2.8%)
Tags pedll
VirusTotal metadata
First submission 2008-01-26 20:03:21 UTC ( 11 years, 1 month ago )
Last submission 2012-05-18 18:39:05 UTC ( 6 years, 10 months ago )
File names 87c661053942900baa2636548b7ce84f_87C661053942900BAA2636548B7CE84F_DLL
aa
el8u4Hb.sys
keyinit.dll
87c661053942900baa2636548b7ce84f
87C661053942900BAA2636548B7CE84F
output.1466956.txt
a878fadd11d50b1a7b34e96dc37965c776e42db16d789b3fc00385f1d369fd32
1466956
1266273431.keyinit.dll
RMcpTP.jpg
C__System Volume Information__restore{42751AC1-6D0D-48D2-96A7-2229AD40BCCE}_RP989_A0333742.dll