× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: b255c07f678e4f3401e65d2e5531f0cd8a9f7be4d443fe160bddf92d7e1d718a
File name: nQuant.Core.dll
Detection ratio: 0 / 71
Analysis date: 2019-04-27 08:38:11 UTC ( 4 weeks ago )
Antivirus Result Update
Acronis 20190425
Ad-Aware 20190427
AegisLab 20190427
AhnLab-V3 20190426
Alibaba 20190426
ALYac 20190427
Antiy-AVL 20190427
Arcabit 20190427
Avast 20190427
Avast-Mobile 20190427
AVG 20190427
Avira (no cloud) 20190427
Babable 20190424
Baidu 20190318
BitDefender 20190427
Bkav 20190425
CAT-QuickHeal 20190426
ClamAV 20190427
CMC 20190321
Comodo 20190427
CrowdStrike Falcon (ML) 20190212
Cybereason 20190417
Cylance 20190427
Cyren 20190427
DrWeb 20190427
eGambit 20190427
Emsisoft 20190427
Endgame 20190403
ESET-NOD32 20190427
F-Prot 20190427
F-Secure 20190427
FireEye 20190427
Fortinet 20190427
GData 20190427
Ikarus 20190427
Sophos ML 20190313
Jiangmin 20190427
K7AntiVirus 20190427
K7GW 20190427
Kaspersky 20190427
Kingsoft 20190427
Malwarebytes 20190427
MAX 20190427
McAfee 20190427
McAfee-GW-Edition 20190427
Microsoft 20190427
eScan 20190427
NANO-Antivirus 20190427
Palo Alto Networks (Known Signatures) 20190427
Panda 20190427
Qihoo-360 20190427
Rising 20190427
SentinelOne (Static ML) 20190420
Sophos AV 20190427
SUPERAntiSpyware 20190423
Symantec 20190426
Symantec Mobile Insight 20190418
TACHYON 20190427
Tencent 20190427
TheHacker 20190421
TotalDefense 20190427
Trapmine 20190325
TrendMicro 20190427
TrendMicro-HouseCall 20190427
Trustlook 20190427
VBA32 20190426
VIPRE 20190425
ViRobot 20190426
Webroot 20190427
Yandex 20190426
Zillya 20190426
ZoneAlarm by Check Point 20190427
Zoner 20190426
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows command line subsystem.
FileVersionInfo properties
Copyright
Copyright Matt Wrock 2011

Product nQuant
Original name nQuant.Core.dll
Internal name nQuant.Core.dll
File version 1.0.3
Description nQuant
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-01-25 06:09:36
Entry Point 0x000064DE
Number of sections 3
.NET details
Module Version ID 6b1a176f-3ef7-4423-b267-7fbd22601748
PE sections
PE imports
_CorDllMain
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
NEUTRAL 1
PE resources
Debug information
ExifTool file metadata
CodeSize
17920

SubsystemVersion
4.0

LinkerVersion
11.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.0.3.0

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
nQuant

ImageFileCharacteristics
Executable, 32-bit, DLL

CharacterSet
Unicode

InitializedDataSize
1536

EntryPoint
0x64de

OriginalFileName
nQuant.Core.dll

MIMEType
application/octet-stream

LegalCopyright
Copyright Matt Wrock 2011

FileVersion
1.0.3

TimeStamp
2013:01:25 07:09:36+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
nQuant.Core.dll

ProductVersion
1.0.3

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows command line

MachineType
Intel 386 or later, and compatibles

LegalTrademarks
23:7f111f3b95fb43d5856c50710dc8e958a7fbbca0

ProductName
nQuant

ProductVersionNumber
1.0.3.0

FileTypeExtension
dll

ObjectFileType
Dynamic link library

AssemblyVersion
1.0.3.0

CarbonBlack CarbonBlack acts as a surveillance camera for computers
While monitoring an end-user machine in-the-wild, CarbonBlack noticed the following files in execution wrote this sample to disk.
Compressed bundles
File identification
MD5 c527b21e1b35a39a83e96c58713daf15
SHA1 fec6e588641b9e1fdbbba33793961ebce20f52b8
SHA256 b255c07f678e4f3401e65d2e5531f0cd8a9f7be4d443fe160bddf92d7e1d718a
ssdeep
384:GAi5y7lGdVltq3gDWlCAfvVdjkApfnT0Tr7:Gz5NVlQ3iW9Hjn4H7

authentihash 3981de43099d1e606ae081ab290eb6731bbc36e0558cfe047499ff3e14e022b7
imphash dae02f32a21e03ce65412f6e56942daa
File size 19.5 KB ( 19968 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (console) Intel 80386 32-bit Mono/.Net assembly

TrID Generic .NET DLL/Assembly (93.2%)
Win32 Dynamic Link Library (generic) (2.5%)
Win32 Executable (generic) (1.7%)
OS/2 Executable (generic) (0.7%)
Generic Win/DOS Executable (0.7%)
Tags
assembly pedll

VirusTotal metadata
First submission 2013-06-26 13:29:13 UTC ( 5 years, 11 months ago )
Last submission 2013-06-26 13:29:13 UTC ( 5 years, 11 months ago )
File names nQuant.Core.dll
nquant.core.dll
nQuant.Core.dll
nQuant.Core.dll
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!