× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: abd094b9640d2594256cdbbaa7679faa6bba6617d9dda1a9e30e01b489059bfe
File name: icuio54.dll
Detection ratio: 0 / 63
Analysis date: 2018-07-02 06:15:31 UTC ( 10 months, 3 weeks ago )
Antivirus Result Update
Ad-Aware 20180702
AegisLab 20180702
AhnLab-V3 20180702
ALYac 20180702
Antiy-AVL 20180702
Arcabit 20180702
Avast 20180702
Avast-Mobile 20180702
AVG 20180702
Avira (no cloud) 20180701
AVware 20180702
Babable 20180406
Baidu 20180628
BitDefender 20180702
Bkav 20180630
CAT-QuickHeal 20180701
ClamAV 20180702
CMC 20180701
Comodo 20180702
CrowdStrike Falcon (ML) 20180530
Cybereason 20180225
Cyren 20180702
DrWeb 20180702
eGambit 20180702
Emsisoft 20180702
Endgame 20180612
ESET-NOD32 20180702
F-Prot 20180702
F-Secure 20180702
Fortinet 20180702
GData 20180702
Ikarus 20180701
Sophos ML 20180601
Jiangmin 20180702
K7AntiVirus 20180702
K7GW 20180702
Kaspersky 20180702
Kingsoft 20180702
Malwarebytes 20180702
MAX 20180702
McAfee 20180702
McAfee-GW-Edition 20180702
Microsoft 20180702
eScan 20180702
NANO-Antivirus 20180702
Palo Alto Networks (Known Signatures) 20180702
Panda 20180701
Qihoo-360 20180702
SentinelOne (Static ML) 20180701
Sophos AV 20180702
SUPERAntiSpyware 20180701
Symantec 20180701
TACHYON 20180702
Tencent 20180702
TheHacker 20180628
TotalDefense 20180701
Trustlook 20180702
VBA32 20180629
VIPRE 20180702
ViRobot 20180701
Webroot 20180702
Yandex 20180629
Zillya 20180629
ZoneAlarm by Check Point 20180702
Zoner 20180701
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright (C) 2014, International Business Machines Corporation and others. All Rights Reserved.

Product International Components for Unicode
Original name icuio54.dll
File version 54, 1, 0, 0
Description ICU I/O DLL
Comments http://icu-project.org
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-11-20 08:29:35
Entry Point 0x000074B1
Number of sections 5
PE sections
PE imports
GetSystemTimeAsFileTime
DecodePointer
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
EncodePointer
DisableThreadLibraryCalls
IsProcessorFeaturePresent
GetCurrentThreadId
InterlockedCompareExchange
?_Xout_of_range@std@@YAXPBD@Z
?uncaught_exception@std@@YA_NXZ
?_Winerror_map@std@@YAPBDH@Z
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?_Xbad_alloc@std@@YAXXZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?_Syserror_map@std@@YAPBDH@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?_Xlength_error@std@@YAXPBD@Z
?putback@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
_purecall
_malloc_crt
??1type_info@@UAE@XZ
__crtTerminateProcess
fread
fclose
__dllonexit
_CxxThrowException
fgets
fflush
fopen
feof
__clean_type_info_names_internal
_amsg_exit
?terminate@@YAXXZ
??2@YAPAXI@Z
fwrite
_lock
_onexit
rewind
_initterm_e
memset
_unlock
_crt_debugger_hook
_fileno
??3@YAXPAX@Z
free
__CxxFrameHandler3
_except_handler4_common
_wfopen
memcpy
__crtUnhandledException
memmove
__iob_func
_calloc_crt
__CppXcptFilter
_initterm
unum_formatDouble_54
unum_getAttribute_54
unum_parseDouble_54
unum_open_54
utrans_transUChars_54
unum_clone_54
unum_setTextAttribute_54
utrans_transIncrementalUChars_54
unum_setAttribute_54
unum_close_54
utrans_close_54
unum_getSymbol_54
unum_parseInt64_54
unum_setSymbol_54
unum_formatInt64_54
unum_getTextAttribute_54
uset_open_54
ucnv_getName_54
u_isspace_54
uloc_getDefault_54
u_austrcpy_54
ucnv_toUnicode_54
?append@UnicodeString@icu_54@@QAEAAV12@_W@Z
u_UCharsToChars_54
ucnv_fromUnicode_54
u_strToLower_54
uprv_free_54
?truncate@UnicodeString@icu_54@@QAECH@Z
uset_applyPattern_54
?umtx_initImplPreInit@icu_54@@YACAAUUInitOnce@1@@Z
u_strlen_54
uset_close_54
uprv_trunc_54
ucnv_open_54
uset_contains_54
ucnv_getMaxCharSize_54
ucnv_getMinCharSize_54
?umtx_initImplPostInit@icu_54@@YAXAAUUInitOnce@1@@Z
??0Mutex@icu_54@@QAE@PAUUMutex@@@Z
u_charsToUChars_54
uprv_realloc_54
u_strToUpper_54
ucln_registerCleanup_54
?getBuffer@UnicodeString@icu_54@@QBEPB_WXZ
uprv_pow10_54
ucnv_close_54
uprv_malloc_54
ucnv_reset_54
u_strncpy_54
u_memset_54
??1Mutex@icu_54@@QAE@XZ
u_getDefaultConverter_54
u_releaseDefaultConverter_54
u_isWhitespace_54
PE exports
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 1
ENGLISH US 1
PE resources
ExifTool file metadata
UninitializedDataSize
0

Comments
http://icu-project.org

LinkerVersion
11.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
54.1.0.0

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
ASCII

InitializedDataSize
13824

EntryPoint
0x74b1

OriginalFileName
icuio54.dll

MIMEType
application/octet-stream

LegalCopyright
Copyright (C) 2014, International Business Machines Corporation and others. All Rights Reserved.

FileVersion
54, 1, 0, 0

TimeStamp
2014:11:20 09:29:35+01:00

FileType
Win32 DLL

PEType
PE32

SubsystemVersion
6.0

ProductVersion
54, 1, 0, 0

FileDescription
ICU I/O DLL

OSVersion
6.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
The ICU Project

CodeSize
28160

ProductName
International Components for Unicode

ProductVersionNumber
54.1.0.0

FileTypeExtension
dll

ObjectFileType
Dynamic link library

CarbonBlack CarbonBlack acts as a surveillance camera for computers
Compressed bundles
File identification
MD5 aa4cffeefab3e1fbd319e9887e75b967
SHA1 9ac46567b4497770cd41c5362e4d8340bffaca4e
SHA256 abd094b9640d2594256cdbbaa7679faa6bba6617d9dda1a9e30e01b489059bfe
ssdeep
768:HrAXWuI/mbZjQlfM5sQChWkUsjDNFVvoyeq1WN1Fh5SoqKVX3nbBj:HrAXzIqQlnQsHNUyes4FKoqKVX3nbB

authentihash 6c59e843dc99402335a008b869a3b6e6ea723b76d5e9049a31558d10815b4ca1
imphash 0dd7cf145f720c75b8eed370d7e3d2db
File size 41.0 KB ( 41984 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID Win64 Executable (generic) (61.7%)
Win32 Dynamic Link Library (generic) (14.7%)
Win32 Executable (generic) (10.0%)
OS/2 Executable (generic) (4.5%)
Generic Win/DOS Executable (4.4%)
Tags
pedll

VirusTotal metadata
First submission 2014-12-18 12:21:10 UTC ( 4 years, 5 months ago )
Last submission 2018-05-13 04:13:37 UTC ( 1 year ago )
File names icuid990.rra
icuidb88.rra
sbs_ve_ambr_20150508210451.332_ 2829
icuc2c8.tmp
icui6853.rra
icuio54.dll
sbs_ve_ambr_20150613210304.114_ 15061
sbs_ve_ambr_20150630003757.386_ 76720
icue86d.tmp
icuieb.rra
sbs_ve_ambr_20150711003702.920_ 83770
sbs_ve_ambr_20150527210310.960_ 6883
icui22a7.rra
sbs_ve_ambr_20150714115630.096_ 122564
icuafa9.tmp
icui8bae.rra
icuieac.rra
icuf120.tmp
icui32d1.rra
icuiaa54.rra
icuie7c7.rra
icu1702.tmp
icuio54.dll
icub83.tmp
sbs_ve_ambr_20150606000728.845_ 237
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!