SHA256: b0dd3167f4e1785759079c72021fd6947c4d296a0d0889520069f7a3b9f0af53
File name: 5[1].exe
Detection ratio: 1 / 54
Analysis date: 2014-11-14 22:19:55 UTC ( 4 years, 4 months ago )
Antivirus Result Update
Norman Simda.TLI 20141114
Ad-Aware 20141114
AegisLab 20141114
Yandex 20141114
AhnLab-V3 20141114
Antiy-AVL 20141114
Avast 20141114
AVG 20141114
Avira (no cloud) 20141114
AVware 20141114
Baidu-International 20141107
BitDefender 20141114
Bkav 20141114
ByteHero 20141114
CAT-QuickHeal 20141114
ClamAV 20141114
CMC 20141114
Comodo 20141114
Cyren 20141114
DrWeb 20141114
Emsisoft 20141114
ESET-NOD32 20141114
F-Prot 20141114
F-Secure 20141114
Fortinet 20141114
GData 20141114
Ikarus 20141114
Jiangmin 20141114
K7AntiVirus 20141114
K7GW 20141114
Kaspersky 20141114
Kingsoft 20141114
Malwarebytes 20141114
McAfee 20141114
McAfee-GW-Edition 20141114
Microsoft 20141114
eScan 20141114
NANO-Antivirus 20141114
nProtect 20141114
Panda 20141114
Qihoo-360 20141114
Rising 20141114
Sophos AV 20141114
SUPERAntiSpyware 20141114
Symantec 20141114
Tencent 20141114
TheHacker 20141111
TotalDefense 20141114
TrendMicro 20141114
TrendMicro-HouseCall 20141114
VBA32 20141114
ViRobot 20141114
Zillya 20141113
Zoner 20141112
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright(c) 2007 Corel Corporation
Publisher Corel Corporation
Product Corel Common Framework
Original name DIMIntl.dll
Internal name DIM
File version 7.5.0.375
Description DIM
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-11-14 15:41:34
Entry Point 0x00001230
Number of sections 4
PE sections
PE imports
RegOpenKeyExA
NotifyBootConfigStatus
RegQueryValueExA
FlattenPath
CloseFigure
CreateMetaFileA
CancelDC
GdiFlush
GetDCPenColor
SelectObject
SetTextAlign
GetFontLanguageInfo
CreateCompatibleDC
SetTextColor
CreateMetaFileW
GetLastError
Sleep
GetModuleHandleA
GetCommandLineW
GetTickCount
GetCommandLineA
GetVersion
VirtualAlloc
LoadLibraryA
EnableMenuItem
LoadCursorA
LoadIconA
DestroyIcon
UpdateWindow
GetKeyboardType
IsDlgButtonChecked
IsWindowVisible
GetSysColor
GetMenu
_cexit
__p__fmode
_c_exit
_except_handler3
_exit
__p__commode
__initenv
_controlfp
exit
_XcptFilter
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__set_app_type
Number of PE resources by type
RT_ICON 2
RT_DIALOG 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 5
PE resources
ExifTool file metadata
CodeSize 54784
SubsystemVersion 5.0
LinkerVersion 8.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 7.5.0.375
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription DIM
CharacterSet Windows, Latin1
InitializedDataSize 293376
FileOS Win32
MIMEType application/octet-stream
LegalCopyright Copyright(c) 2007 Corel Corporation
FileVersion 7.5.0.375
TimeStamp 2014:11:14 16:41:34+01:00
FileType Win32 EXE
PEType PE32
InternalName DIM
FileAccessDate 2014:11:27 14:50:28+01:00
ProductVersion 7.5.0.375
UninitializedDataSize 0
Builton Fri 12/14/2007 16:45:14.17
OSVersion 5.0
FileCreateDate 2014:11:27 14:50:28+01:00
OriginalFilename DIMIntl.dll
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Corel Corporation
LegalTrademarks Copyright(c) 2007 Corel Corporation
ProductName Corel Common Framework
ProductVersionNumber 7.5.0.375
EntryPoint 0x1230
ObjectFileType Executable application

File identification
MD5 61e50d2d979557718b85fe9d19332f66
SHA1 0335040d947863fbb48384dd7b6c565d9b775bee
SHA256 b0dd3167f4e1785759079c72021fd6947c4d296a0d0889520069f7a3b9f0af53
ssdeep 3072:pkoG9TMPfaY7IMRpll1x/Nmeci9VJCTwxDrK5J6wsdKGE8tuBGq:pkowDafl/Nm/i9VJCTYDrwbsdTnuBG
authentihash f14122e9ef697d7c79b4a02b04eca3c2f8db375fde560f8c60e9da97e8af0ed6
imphash afd81c52bf00f616eee9f53798aff662
File size 340.5 KB ( 348672 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags peexe

VirusTotal metadata
First submission 2014-11-14 22:19:55 UTC ( 4 years, 4 months ago )
Last submission 2014-11-18 14:25:52 UTC ( 4 years, 4 months ago )
File names 5[1].exe
DIM
DIMIntl.dll
vti-rescan
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Created processes
Created mutexes
Opened mutexes
Runtime DLLs
Additional details
The file sends control codes directly to certain device drivers making use of the DeviceIoControl Windows API function.