× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: b08e02093c99fd95dfcb8f3f6d316a9ae332f3a9b42e3220d427090d1038184c
File name: Microsoft.CodeAnalysis.Scripting.dll
Detection ratio: 0 / 69
Analysis date: 2019-02-09 00:06:47 UTC ( 1 week ago )
Antivirus Result Update
Acronis 20190208
Ad-Aware 20190208
AegisLab 20190208
AhnLab-V3 20190208
Alibaba 20180921
ALYac 20190208
Antiy-AVL 20190208
Arcabit 20190208
Avast 20190208
Avast-Mobile 20190208
AVG 20190208
Avira (no cloud) 20190208
Babable 20180918
Baidu 20190202
BitDefender 20190208
Bkav 20190201
CAT-QuickHeal 20190208
ClamAV 20190208
CMC 20190208
Comodo 20190208
CrowdStrike Falcon (ML) 20181023
Cybereason 20190109
Cylance 20190209
Cyren 20190208
DrWeb 20190208
eGambit 20190209
Emsisoft 20190208
Endgame 20181108
ESET-NOD32 20190209
F-Prot 20190208
F-Secure 20190209
Fortinet 20190209
GData 20190209
Ikarus 20190208
Sophos ML 20181128
Jiangmin 20190208
K7AntiVirus 20190208
K7GW 20190208
Kaspersky 20190208
Kingsoft 20190209
Malwarebytes 20190209
MAX 20190209
McAfee 20190209
McAfee-GW-Edition 20190208
Microsoft 20190209
eScan 20190208
NANO-Antivirus 20190209
Palo Alto Networks (Known Signatures) 20190209
Panda 20190208
Qihoo-360 20190209
Rising 20190208
SentinelOne (Static ML) 20190203
Sophos AV 20190208
SUPERAntiSpyware 20190206
Symantec 20190209
Symantec Mobile Insight 20190207
TACHYON 20190208
Tencent 20190209
TheHacker 20190203
TotalDefense 20190206
Trapmine 20190123
TrendMicro 20190209
TrendMicro-HouseCall 20190208
Trustlook 20190209
VBA32 20190208
ViRobot 20190208
Webroot 20190209
Yandex 20190208
Zillya 20190208
ZoneAlarm by Check Point 20190208
Zoner 20190209
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows command line subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
© Microsoft Corporation. All rights reserved.

Original name Microsoft.CodeAnalysis.Scripting.dll
Internal name Microsoft.CodeAnalysis.Scripting.dll
File version 2.9.0.63208
Description
Signature verification Signed file, verified signature
Signing date 6:27 AM 8/8/2018
Signers
[+] Microsoft Corporation
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer Microsoft Code Signing PCA 2010
Valid from 05:07 PM 09/12/2017
Valid to 05:07 PM 09/12/2018
Valid usage 1.3.6.1.4.1.311.61.6.1, Code Signing
Algorithm sha256RSA
Thumbprint 23DC55969BA4E82C13DD0A0E9E3D41B9E41560B6
Serial number 33 00 00 01 CC B5 5B 42 17 07 60 13 11 00 00 00 00 01 CC
[+] Microsoft Code Signing PCA 2010
Status Valid
Issuer Microsoft Root Certificate Authority 2010
Valid from 07:40 PM 07/06/2010
Valid to 07:50 PM 07/06/2025
Valid usage All
Algorithm sha256RSA
Thumbprint 8BFE3107712B3C886B1C96AAEC89984914DC9B6B
Serial number 61 0C 52 4C 00 00 00 00 00 03
[+] Microsoft Root Certificate Authority 2010
Status Valid
Issuer Microsoft Root Certificate Authority 2010
Valid from 08:57 PM 06/23/2010
Valid to 09:04 PM 06/23/2035
Valid usage All
Algorithm sha256RSA
Thumbprint 3B1EFD3A66EA28B16697394703A72CA340A05BD5
Serial number 28 CC 3A 25 BF BA 44 AC 44 9A 9B 58 6B 43 39 AA
Counter signers
[+] Microsoft Time-Stamp Service
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer Microsoft Time-Stamp PCA 2010
Valid from 04:56 PM 09/07/2016
Valid to 04:56 PM 09/07/2018
Valid usage Timestamp Signing
Algorithm sha256RSA
Thumbrint 3970258B14C879DD5F0C5DE98B9CB39499F71CB7
Serial number 33 00 00 00 AC 8A 21 BC 7A D2 9B 72 F4 00 00 00 00 00 AC
[+] Microsoft Time-Stamp PCA 2010
Status Valid
Issuer Microsoft Root Certificate Authority 2010
Valid from 08:36 PM 07/01/2010
Valid to 08:46 PM 07/01/2025
Valid usage All
Algorithm sha256RSA
Thumbrint 2AA752FE64C49ABE82913C463529CF10FF2F04EE
Serial number 61 09 81 2A 00 00 00 00 00 02
[+] Microsoft Root Certificate Authority 2010
Status Valid
Issuer Microsoft Root Certificate Authority 2010
Valid from 08:57 PM 06/23/2010
Valid to 09:04 PM 06/23/2035
Valid usage All
Algorithm sha256RSA
Thumbrint 3B1EFD3A66EA28B16697394703A72CA340A05BD5
Serial number 28 CC 3A 25 BF BA 44 AC 44 9A 9B 58 6B 43 39 AA
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2087-06-08 04:02:45
Entry Point 0x0001E9B2
Number of sections 3
.NET details
Module Version ID 76034ee9-3675-497b-ab76-d09ccb39cce3
PE sections
Overlays
MD5 675fcd9718ed9e1492831ea535e4874b
File type data
Offset 119296
Size 8624
Entropy 7.34
PE imports
_CorDllMain
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
NEUTRAL 1
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
48.0

ImageVersion
0.0

FileVersionNumber
2.9.0.63208

LanguageCode
Neutral

FileFlagsMask
0x003f

ImageFileCharacteristics
Executable, Large address aware, DLL

CharacterSet
Unicode

InitializedDataSize
1536

EntryPoint
0x1e9b2

OriginalFileName
Microsoft.CodeAnalysis.Scripting.dll

MIMEType
application/octet-stream

LegalCopyright
Microsoft Corporation. All rights reserved.

FileVersion
2.9.0.63208

TimeStamp
2087:06:08 06:02:45+02:00

FileType
Win32 DLL

PEType
PE32

InternalName
Microsoft.CodeAnalysis.Scripting.dll

ProductVersion
2.9.0-beta8-63208-01

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows command line

MachineType
Intel 386 or later, and compatibles

CompanyName
Microsoft Corporation

CodeSize
117248

FileSubtype
0

ProductVersionNumber
2.9.0.0

FileTypeExtension
dll

ObjectFileType
Dynamic link library

AssemblyVersion
2.9.0.0

File identification
MD5 a0dc41d3d08fcb1ccff15eb6d6311a36
SHA1 e86efce98b5b7f17c3e39f79c62c9607f54c5840
SHA256 b08e02093c99fd95dfcb8f3f6d316a9ae332f3a9b42e3220d427090d1038184c
ssdeep
3072:tz2vxMy2JRYfgSQt12aVTOw+CDmMrxoYFYSBrI+v:JPRYfgSAQwiDCDzFoYFY4

authentihash d94750d8b6c6d308580e96edc6c3a1edba4486f5394e2d2b29531b7540b6fb35
imphash dae02f32a21e03ce65412f6e56942daa
File size 124.9 KB ( 127920 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (console) Intel 80386 Mono/.Net assembly

TrID Win64 Executable (generic) (61.7%)
Win32 Dynamic Link Library (generic) (14.7%)
Win32 Executable (generic) (10.0%)
OS/2 Executable (generic) (4.5%)
Generic Win/DOS Executable (4.4%)
Tags
assembly pedll signed overlay

VirusTotal metadata
First submission 2018-08-22 09:05:46 UTC ( 5 months, 4 weeks ago )
Last submission 2018-08-22 09:05:46 UTC ( 5 months, 4 weeks ago )
File names Microsoft.CodeAnalysis.Scripting.dll
Microsoft.CodeAnalysis.Scripting.dll
Microsoft.CodeAnalysis.Scripting.dll
Microsoft.CodeAnalysis.Scripting.dll
Microsoft.CodeAnalysis.Scripting.dll
Microsoft.CodeAnalysis.Scripting.dll
Microsoft.CodeAnalysis.Scripting.dll
Microsoft.CodeAnalysis.Scripting.dll
Microsoft.CodeAnalysis.Scripting.dll
Microsoft.CodeAnalysis.Scripting.dll
Microsoft.CodeAnalysis.Scripting.dll
Microsoft.CodeAnalysis.Scripting.dll
Microsoft.CodeAnalysis.Scripting.dll
Microsoft.CodeAnalysis.Scripting.dll
Microsoft.CodeAnalysis.Scripting.dll
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!