× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: acc31134644c8821066b3eff932a3125a75029f1d608e6564cb23f394b474e31
File name: exploit.dll
Detection ratio: 8 / 42
Analysis date: 2009-06-20 08:57:39 UTC ( 4 years, 10 months ago ) View latest
Antivirus Result Update
AntiVir EXP/GreenDam.A 20090619
Authentium W32/GreenDam.A 20090619
F-Prot W32/GreenDam.A 20090619
Ikarus Exploit.GreenDam 20090620
Kaspersky Exploit.MSIL.Agent.a 20090620
McAfee-GW-Edition Exploit.GreenDam.A 20090619
Prevx Medium Risk Malware 20090620
a-squared Exploit.GreenDam!IK 20090620
AVG 20090619
AhnLab-V3 20090619
Antiy-AVL 20090619
Avast 20090619
BitDefender 20090620
CAT-QuickHeal 20090619
ClamAV 20090620
Comodo 20090620
DrWeb 20090620
F-Secure 20090619
Fortinet 20090619
GData 20090620
Jiangmin 20090620
K7AntiVirus 20090619
McAfee 20090619
McAfee+Artemis 20090619
Microsoft 20090620
NOD32 20090620
NOD32Beta 20090620
Norman 20090619
PCTools 20090619
Panda 20090619
Rising 20090620
Sophos 20090620
Sunbelt 20090620
Symantec 20090620
TheHacker 20090619
TrendMicro 20090619
VBA32 20090620
ViRobot 20090619
VirusBuster 20090619
eSafe 20090618
eTrust-Vet 20090619
nProtect 20090620
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows command line subsystem.
Authenticode signature block
Version 0.0.0.0
Original name exploit.dll
Internal name exploit.dll
File version 0.0.0.0
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2009-06-08 11:03:49
Link date 12:03 PM 6/8/2009
Entry Point 0x000026EE
Number of sections 3
PE sections
PE imports
_CorDllMain
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
NEUTRAL 1
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
8.0

ImageVersion
0.0

FileVersionNumber
0.0.0.0

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
1536

FileOS
Win32

MIMEType
application/octet-stream

FileVersion
0.0.0.0

TimeStamp
2009:06:08 12:03:49+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
exploit.dll

ProductVersion
0.0.0.0

SubsystemVersion
4.0

OSVersion
4.0

OriginalFilename
exploit.dll

Subsystem
Windows command line

MachineType
Intel 386 or later, and compatibles

CodeSize
2048

FileSubtype
0

ProductVersionNumber
0.0.0.0

EntryPoint
0x26ee

ObjectFileType
Dynamic link library

AssemblyVersion
0.0.0.0

Compressed bundles
File identification
MD5 a8fb1e5c3c0bfaa7adc794eeffce23fa
SHA1 3c866e80ecf5c98878d9c197c1175f77461f6578
SHA256 acc31134644c8821066b3eff932a3125a75029f1d608e6564cb23f394b474e31
ssdeep
24:etGSQPwQgVWjhnQgtkZfnLCeIT0uZhNBolx6KPNnq:6gEVWjhnQHJnLpFul+lx6mq

File size 4.0 KB ( 4096 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (console) Intel 80386 32-bit Mono/.Net assembly

TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags
assembly pedll

VirusTotal metadata
First submission 2009-06-13 22:52:05 UTC ( 4 years, 10 months ago )
Last submission 2012-07-25 04:12:34 UTC ( 1 year, 9 months ago )
File names smona_acc31134644c8821066b3eff932a3125a75029f1d608e6564cb23f394b474e31.bin
virussign.com_a8fb1e5c3c0bfaa7adc794eeffce23fa.dll
a8fb1e5c3c0bfaa7adc794eeffce23fa.dll
exploit.dll
Advanced heuristic and reputation engines
ClamAV PUA
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: http://www.clamav.net/index.php?s=pua&lang=en .

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!