× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: ad563098060dc213fbe3e7490d8ea4fa34c070ca2bba05d27166a4e3cc2c6825
File name: urlmon.dll
Detection ratio: 0 / 53
Analysis date: 2014-07-20 18:44:37 UTC ( 4 years, 6 months ago ) View latest
Antivirus Result Update
Ad-Aware 20140720
AegisLab 20140720
Yandex 20140720
AhnLab-V3 20140720
AntiVir 20140720
Antiy-AVL 20140720
Avast 20140720
AVG 20140720
Baidu-International 20140720
BitDefender 20140720
Bkav 20140719
ByteHero 20140720
CAT-QuickHeal 20140719
ClamAV 20140720
CMC 20140717
Commtouch 20140720
Comodo 20140720
DrWeb 20140720
Emsisoft 20140720
ESET-NOD32 20140720
F-Prot 20140720
F-Secure 20140720
Fortinet 20140720
GData 20140720
Ikarus 20140720
Jiangmin 20140720
K7AntiVirus 20140718
K7GW 20140719
Kaspersky 20140720
Kingsoft 20140720
Malwarebytes 20140720
McAfee 20140720
McAfee-GW-Edition 20140719
Microsoft 20140720
eScan 20140720
NANO-Antivirus 20140720
Norman 20140720
nProtect 20140720
Panda 20140720
Qihoo-360 20140720
Rising 20140720
Sophos AV 20140720
SUPERAntiSpyware 20140719
Symantec 20140720
Tencent 20140720
TheHacker 20140718
TotalDefense 20140720
TrendMicro 20140720
TrendMicro-HouseCall 20140720
VBA32 20140718
VIPRE 20140720
ViRobot 20140720
Zoner 20140718
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
© Microsoft Corporation. All rights reserved.

Product Internet Explorer
Original name UrlMon.dll
Internal name UrlMon.dll
File version 11.00.9600.17207 (winblue_gdr_escrow.140618-1157)
Description OLE32 Extensions for Win32
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-06-18 22:09:30
Entry Point 0x00001098
Number of sections 6
PE sections
PE imports
GetDriveTypeW
ReleaseMutex
FileTimeToSystemTime
GetFileAttributesA
DeactivateActCtx
WaitForSingleObject
GetDriveTypeA
FindNextFileA
EncodePointer
GetFileAttributesW
DuplicateHandle
GetLocalTime
DeleteCriticalSection
GetCurrentProcess
OpenFileMappingW
GetLocaleInfoA
LocalAlloc
UnhandledExceptionFilter
ExpandEnvironmentStringsA
SetErrorMode
GetFullPathNameA
GetFileTime
GetTempPathA
GetCPInfo
WriteFile
GetSystemTimeAsFileTime
ReleaseActCtx
SetFileAttributesA
GetExitCodeProcess
LocalFree
IsWow64Process
InitializeCriticalSection
FindClose
TlsGetValue
QueryDosDeviceW
FormatMessageA
GetFullPathNameW
GetTickCount
WritePrivateProfileStringW
SetLastError
GetSystemTime
DeviceIoControl
GetModuleFileNameW
TryEnterCriticalSection
CopyFileA
HeapAlloc
GetModuleFileNameA
InitializeCriticalSectionEx
LoadLibraryExA
CreateActCtxW
GetPrivateProfileStringA
GetUserDefaultLCID
ActivateActCtx
GetSystemDefaultLCID
LoadLibraryExW
MultiByteToWideChar
CreateMutexA
GetModuleHandleA
CreateThread
GetExitCodeThread
SetUnhandledExceptionFilter
CreateMutexW
GetSystemDirectoryA
DecodePointer
ReleaseSRWLockShared
FindAtomW
GetModuleHandleExW
GlobalAlloc
LocalFileTimeToFileTime
FindAtomA
GetCurrentThreadId
InitializeSRWLock
AcquireSRWLockExclusive
HeapFree
EnterCriticalSection
OpenProcess
TerminateThread
LoadLibraryW
FreeLibrary
QueryPerformanceCounter
AcquireSRWLockShared
TlsAlloc
GetVersionExA
LoadLibraryA
ExitThread
GlobalSize
SystemTimeToFileTime
GetFileSize
AddAtomA
WaitForMultipleObjects
GetPrivateProfileIntA
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
CreateDirectoryW
DeleteFileW
GetProcAddress
GetPrivateProfileIntW
AddAtomW
GetProcessHeap
GetTempFileNameW
CreateFileMappingW
CompareStringW
GetFileSizeEx
lstrcmpA
FindFirstFileA
GetTimeFormatA
FindFirstFileW
ReleaseSRWLockExclusive
lstrcmpW
SearchPathA
GlobalLock
CreateFileW
TlsSetValue
CreateFileA
LeaveCriticalSection
GetLastError
LocalReAlloc
DosDateTimeToFileTime
GetShortPathNameW
GetSystemInfo
GlobalFree
GetThreadLocale
GlobalUnlock
IsDBCSLeadByte
RemoveDirectoryA
GetShortPathNameA
CompareFileTime
GetCurrentProcessId
SetFileTime
WideCharToMultiByte
GetCurrentThread
RaiseException
MapViewOfFile
TlsFree
SetFilePointer
ReadFile
DeleteAtom
CloseHandle
OpenMutexW
GetACP
GetModuleHandleW
GetFileAttributesExW
GetLongPathNameW
CreateProcessA
UnmapViewOfFile
GetTempPathW
RtlMoveMemory
GetLongPathNameA
Sleep
TerminateProcess
CompareStringA
SHRegCreateUSKeyW
SHRegQueryInfoUSKeyW
PathCreateFromUrlA
Ord(1)
UrlGetPartA
SHRegEnumUSValueW
SHRegDeleteEmptyUSKeyW
UrlCompareW
SHRegWriteUSValueW
ShellMessageBoxA
MapWindowPoints
RegisterWindowMessageW
RegisterClipboardFormatA
GetUserObjectInformationW
GetParent
SendNotifyMessageA
SetPropA
EndDialog
DrawTextW
EnumWindows
KillTimer
FindWindowA
DefWindowProcA
ShowWindow
GetPropA
SetWindowPos
SendDlgItemMessageA
GetSystemMetrics
SetWindowLongW
GetClipboardFormatNameA
PeekMessageW
GetWindowRect
DispatchMessageA
EnableWindow
LoadStringA
PostMessageA
DialogBoxParamW
PeekMessageA
GetWindowDC
SetWindowLongA
SendDlgItemMessageW
PostQuitMessage
SendMessageTimeoutW
PostMessageW
SendMessageW
CheckDlgButton
GetDC
GetAsyncKeyState
ReleaseDC
SystemParametersInfoA
GetDoubleClickTime
DestroyIcon
UnregisterClassA
GetLastActivePopup
TranslateMessage
IsWindowVisible
SendMessageA
LoadStringW
GetClientRect
CreateWindowExA
GetDlgItem
AllowSetForegroundWindow
SystemParametersInfoW
GetThreadDesktop
GetProcessWindowStation
GetWindowLongA
SetTimer
LoadImageW
GetClassNameW
RegisterClassA
IsDlgButtonChecked
SetWindowTextW
SetDlgItemTextW
FindWindowExW
DispatchMessageW
MsgWaitForMultipleObjects
GetWindowLongW
SetForegroundWindow
DestroyWindow
FindFirstUrlCacheEntryExW
DeleteUrlCacheEntryA
AppCacheDuplicateHandle
FreeUrlCacheSpaceW
FtpGetFileSize
HttpOpenDependencyHandle
InternetInitializeAutoProxyDll
HttpSendRequestExW
InternetUnlockRequestFile
CreateUrlCacheEntryA
HttpPushEnable
HttpCloseDependencyHandle
InternetSetStatusCallbackA
InternetErrorDlg
HttpDuplicateDependencyHandle
RetrieveUrlCacheEntryFileW
InternetQueryDataAvailable
CommitUrlCacheEntryA
InternetSetCookieExW
HttpEndRequestA
UrlCacheCreateContainer
HttpOpenRequestW
InternetTimeToSystemTimeA
GetUrlCacheConfigInfoW
GetUrlCacheEntryInfoA
InternetQueryOptionW
InternetConnectW
GetUrlCacheEntryInfoExA
DeleteUrlCacheContainerW
InternetCloseHandle
InternetReadFileExW
AppCacheLookup
HttpPushClose
UnlockUrlCacheEntryFileW
InternetQueryOptionA
GetUrlCacheEntryInfoW
GetUrlCacheEntryInfoExW
HttpAddRequestHeadersW
HttpQueryInfoW
AppCacheCloseHandle
InternetLockRequestFile
InternetWriteFile
InternetReadFile
FindFirstUrlCacheContainerA
AppCacheGetGroupList
GetUrlCacheEntryBinaryBlob
CreateUrlCacheContainerW
AppCacheFreeGroupList
IsHostInProxyBypassList
InternetTimeFromSystemTimeA
HttpQueryInfoA
InternetSetFilePointer
InternetCreateUrlA
ResumeSuspendedDownload
FindCloseUrlCache
CommitUrlCacheEntryBinaryBlob
InternetSetOptionA
FindNextUrlCacheContainerA
InternetCanonicalizeUrlA
HttpPushWait
AppCacheGetFallbackUrl
InternetSetOptionW
HttpSendRequestW
InternetOpenUrlW
FindNextUrlCacheEntryW
InternetCrackUrlA
InternetOpenW
DeleteUrlCacheEntryW
CommitUrlCacheEntryW
InternetGetCookieExW
RegCreateKeyExW
RegCloseKey
DuplicateToken
RegQueryValueExA
RegCreateKeyExA
RegQueryValueExW
CreateWellKnownSid
OpenProcessToken
RegGetValueW
RegOpenKeyExW
TraceMessageVa
RegOpenKeyExA
RegDeleteValueA
RegGetValueA
GetTokenInformation
UnregisterTraceGuids
GetTraceEnableLevel
OpenThreadToken
GetTraceEnableFlags
RegEnumKeyExA
RegQueryInfoKeyA
RegEnumValueW
RegSetValueExW
RegDeleteKeyExA
CheckTokenMembership
RegSetValueExA
RegEnumValueA
GetTraceLoggerHandle
CoUnmarshalInterface
CoInitializeEx
FreePropVariantArray
CoTaskMemAlloc
CoCreateGuid
CoCreateInstance
CoGetMarshalSizeMax
CoFreeUnusedLibraries
CoMarshalInterface
StringFromCLSID
CoUninitialize
CoGetTreatAsClass
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
StringFromGUID2
CoSetProxyBlanket
CoGetClassObject
PathFindExtensionA
PathIsPrefixA
StrRChrW
StrCmpICA
UrlGetLocationW
SHRegDeleteUSValueW
UrlEscapeW
HashData
UrlCombineW
PathFindExtensionW
SHRegOpenUSKeyW
UrlCreateFromPathW
PathIsUNCW
PathIsRootW
StrCmpICW
StrToIntExW
SHRegGetUSValueA
StrCmpNCW
StrTrimW
SHRegGetBoolUSValueW
StrDupA
StrChrIW
PathIsUNCServerShareW
StrCmpNCA
StrChrA
PathGetDriveNumberW
StrCmpIW
PathStripToRootW
StrCmpCA
StrCmpCW
PathRemoveExtensionW
StrCmpNICW
StrStrIA
StrStrW
StrToInt64ExW
PathIsUNCServerW
PathRemoveFileSpecW
StrToIntA
UrlGetPartW
SHRegEnumUSKeyW
PathCreateFromUrlW
StrStrIW
UrlUnescapeW
StrCmpNICA
StrToIntW
SHRegCloseUSKey
StrStrA
StrCmpW
StrCmpNW
StrDupW
PathUnquoteSpacesW
ParseURLW
PathFindFileNameW
SHRegGetBoolUSValueA
StrChrW
StrChrNW
SHRegGetUSValueW
UrlIsW
QISearch
SHRegQueryUSValueW
StrCmpNA
UrlCanonicalizeW
StrCmpNIA
PathFileExistsA
PathIsPrefixW
CharPrevA
CharLowerA
CharLowerBuffW
CharNextA
CharUpperBuffA
CharLowerW
CharPrevW
CharNextW
GetFileVersionInfoExW
GetFileVersionInfoSizeExW
VerQueryValueW
CreateUriFromMultiByteString
PrivateCoInternetParseIUri
CreateUri
Ord(518)
Ord(404)
Ord(527)
Ord(62)
Ord(683)
Ord(665)
Ord(42)
Ord(281)
IUriBuilderInternalCreateDomain
Ord(700)
Ord(54)
Ord(70)
GetPropertyName
CreateUriWithFragment
Ord(49)
Ord(141)
Ord(71)
Ord(682)
CreateUriPriv
Ord(706)
Ord(664)
Ord(25)
Ord(654)
Ord(79)
Ord(670)
Ord(701)
Ord(65)
Ord(460)
Ord(386)
PrivateCoInternetCanonicalizeIUri
Ord(205)
Ord(81)
Ord(516)
Ord(166)
Ord(89)
Ord(142)
GetIDNSettingsForIE
UriFromHostAndScheme
Ord(707)
Ord(681)
Ord(655)
Ord(56)
FastMimeSetIsMimeFilterEnabled
Ord(457)
Ord(64)
IsDWORDProperty
GetPortFromUrlScheme
FastMimeGetIsMimeFilterEnabled
Ord(143)
Ord(593)
Ord(667)
Ord(57)
Ord(656)
Ord(541)
Ord(16)
Ord(466)
Ord(658)
CreateIUriBuilder
Ord(74)
GetIUriPriv
Ord(58)
Ord(425)
Ord(399)
Ord(650)
Ord(282)
Ord(796)
Ord(592)
Ord(50)
Ord(340)
Ord(173)
Ord(657)
Ord(88)
Ord(17)
Ord(751)
Ord(140)
Ord(76)
Ord(9)
Ord(86)
Ord(230)
Ord(520)
Ord(791)
Ord(61)
Ord(135)
Ord(151)
Ord(398)
Ord(651)
Ord(209)
Ord(528)
Ord(45)
Ord(172)
Ord(391)
Ord(750)
IntlPercentEncodeNormalize
FastMimeLookupKnownType
Ord(134)
Ord(443)
Ord(150)
Ord(85)
Ord(675)
Ord(68)
Ord(44)
Ord(159)
Ord(20)
Ord(463)
Ord(28)
Ord(72)
Ord(201)
GetIUriPriv2
Ord(453)
Ord(35)
Ord(325)
Ord(519)
Ord(63)
Ord(526)
PrivateCoInternetCombineIUri
Ord(793)
Ord(458)
Ord(43)
Ord(672)
GetPropertyFromName
Ord(158)
Ord(403)
IsStringProperty
Ord(200)
Ord(32)
CreateStringHashN
_purecall
_ultow_s
malloc
realloc
wcstoul
??_U@YAPAXI@Z
wcschr
__dllonexit
_wcsicmp
wcstol
swscanf_s
fgets
wcstok_s
_vsnwprintf
_amsg_exit
memset
_lock
_onexit
isalpha
_XcptFilter
memcmp
iswalpha
wcsrchr
??_V@YAXPAX@Z
strchr
_i64tow_s
_unlock
fclose
free
__CxxFrameHandler3
_except_handler4_common
wcsncmp
_wfopen
memcpy
strnlen
_vsnprintf
memcpy_s
towlower
_wcsnicmp
bsearch
_ui64tow_s
wcsstr
_initterm
_wtoi
RtlIpv4StringToAddressExW
RtlIpv6StringToAddressExW
CoInitialize
ReleaseStgMedium
GetClassFile
StgOpenStorage
OleGetAutoConvert
CreateBindCtx
StgOpenStorageOnILockBytes
CoGetObject
CreateGenericComposite
MonikerRelativePathTo
MkParseDisplayName
CreateILockBytesOnHGlobal
PE exports
Number of PE resources by type
RT_ICON 93
RT_GROUP_ICON 18
RT_MANIFEST 1
REGINST 1
MUI 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 115
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

InitializedDataSize
417280

ImageVersion
6.3

ProductName
Internet Explorer

FileVersionNumber
11.0.9600.17207

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
OLE32 Extensions for Win32

CharacterSet
Unicode

LinkerVersion
11.0

FileTypeExtension
dll

OriginalFileName
UrlMon.dll

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
11.00.9600.17207 (winblue_gdr_escrow.140618-1157)

TimeStamp
2014:06:18 23:09:30+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
UrlMon.dll

ProductVersion
11.00.9600.17207

SubsystemVersion
6.1

OSVersion
6.3

FileOS
Windows NT 32-bit

LegalCopyright
Microsoft Corporation. All rights reserved.

MachineType
Intel 386 or later, and compatibles

CompanyName
Microsoft Corporation

CodeSize
751104

FileSubtype
0

ProductVersionNumber
11.0.9600.17207

EntryPoint
0x1098

ObjectFileType
Dynamic link library

CarbonBlack CarbonBlack acts as a surveillance camera for computers
Compressed bundles
File identification
MD5 7c44c697ba6d0b698b91ac6516a731c3
SHA1 7b2e0cb8ba48b943582a7e6641d223d1e53de411
SHA256 ad563098060dc213fbe3e7490d8ea4fa34c070ca2bba05d27166a4e3cc2c6825
ssdeep
24576:07z0+DoC6Iabw7wNsPJdy1o4y+3DLH2+8eLSpHs5H0yAE:o7DoZIaWwNP1o4TLH2+7sM5Hb

authentihash 258e5606e093961c0853694981d13ffe6cafd89710eb7c33bac1a321130d9b83
imphash e52b84449c22ee9583f11037b8223e44
File size 1.1 MB ( 1139200 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID Windows ActiveX control (49.4%)
InstallShield setup (18.2%)
Win32 Executable MS Visual C++ (generic) (13.2%)
Win64 Executable (generic) (11.7%)
Win32 Dynamic Link Library (generic) (2.7%)
Tags
pedll

VirusTotal metadata
First submission 2014-07-08 19:42:47 UTC ( 4 years, 6 months ago )
Last submission 2017-09-07 04:12:56 UTC ( 1 year, 4 months ago )
File names sbs_ve_ambr_20151015172238.105_ 92934
UrlMon.dll
0841fec141a03e459ff27e26fff3b19d.tmp
urlmon.dll
00d34e65a4b90f4691b66087366b8f94.tmp
3a95c24e689691488fd51d331e46a614.tmp
81531d8fc6e91848bd002154e0650cf9.tmp
c4652478a5bb3f4382a8804b0560fd40.tmp
231e9911fa9fcf01170300002818f014_urlmon.dll
624d947496ee24439314363c82717e87.tmp
3401912e20830640a4222a7c9e06972b.tmp
f2ee5823cb5f7b47b21f4419dbc7fea8.tmp
bf5e00930f875e4e9870732ef60ccedf.tmp
sbs_ve_ambr_20160010170247.657_ 515
aaeb1e5871980b468f8e42d75a7000b1.tmp
3ee96115c5831341ae35ad0a3dd97853.tmp
1bfd30b2110cff4bb0cf8101763f514f.tmp
9d0b4b5ec7f1ff4abdc31014f214313a.tmp
47f117046614844c8664550e9f0a5a4b.tmp
b88cba16bd89724599f4b9a309a7dcc8.tmp
daeeeb944eb7e844b427a3574640344e.tmp
e694accc2b6a054ca75cd632da4b0c01.tmp
28761e0461e28a478e2b31f9f1d66943.tmp
8bbb552047e9684ead0343da5aeaa2aa.tmp
dd1cc252950be0458d74a733ed9f25df.tmp
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!