SHA256: b443da0d1515031bc0d7217ffb9636ea7eb1ccac22bffd1c79b5ca4c8fc16eb0
File name: tjnecxl.dll
Detection ratio: 54 / 67
Analysis date: 2018-07-13 23:54:53 UTC ( 10 months, 1 week ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Kazy.164639 20180713
AegisLab Troj.W32.Generic!c 20180713
AhnLab-V3 Trojan/Win32.Zbot.R64039 20180713
ALYac Gen:Variant.Kazy.164639 20180713
Antiy-AVL Trojan/Win32.ShipUp 20180714
Arcabit Trojan.Kazy.D2831F 20180714
Avast Win32:Gepys-A [Trj] 20180714
AVG Win32:Gepys-A [Trj] 20180714
Avira (no cloud) TR/Vundo.Gen2 20180712
AVware Trojan.Win32.Generic!BT 20180714
Baidu Win32.Trojan.Agent.eq 20180712
BitDefender Gen:Variant.Kazy.164639 20180713
CAT-QuickHeal TrojanPWS.Zbot.Y 20180713
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180530
Cylance Unsafe 20180714
Cyren W32/Trojan.PKMK-4916 20180713
DrWeb Trojan.Redirect.140 20180713
Emsisoft Gen:Variant.Kazy.164639 (B) 20180713
Endgame malicious (high confidence) 20180711
ESET-NOD32 a variant of Win32/Kryptik.AYUW 20180713
F-Secure Gen:Variant.Kazy.164639 20180713
Fortinet W32/Zbot.FG!tr 20180713
GData Win32.Trojan.Zbot.N 20180713
Ikarus Virus.Win32.Injector 20180713
Sophos ML heuristic 20180601
Jiangmin Trojan/ShipUp.jw 20180713
K7AntiVirus Trojan ( 004b8d221 ) 20180713
K7GW Trojan ( 004b8d221 ) 20180713
Kaspersky HEUR:Trojan.Win32.Generic 20180713
Malwarebytes Rootkit.0Access.ED 20180713
MAX malware (ai score=86) 20180714
McAfee Artemis!32F193033D19 20180713
McAfee-GW-Edition BehavesLike.Win32.Dropper.pm 20180713
Microsoft Trojan:Win32/Gepys.A 20180713
eScan Gen:Variant.Kazy.164639 20180713
NANO-Antivirus Trojan.Win32.Redirect.cratrc 20180713
Panda Trj/Genetic.gen 20180713
Qihoo-360 Win32/Trojan.7ba 20180714
Rising Trojan.Agent!1.6A56 (CLOUD) 20180713
Sophos AV Troj/Gyepis-A 20180713
SUPERAntiSpyware Trojan.Agent/Gen-ShipUp 20180713
Symantec Trojan.Zbot 20180713
TACHYON Trojan/W32.ShipUp.44544 20180713
Tencent Win32.Trojan.Generic.Llhh 20180714
TheHacker Trojan/Kryptik.ayuw 20180712
TrendMicro TROJ_SPNR.35FE13 20180714
TrendMicro-HouseCall TROJ_SPNR.35FE13 20180714
VBA32 BScope.Malware-Cryptor.Zbot.2413 20180713
VIPRE Trojan.Win32.Generic!BT 20180713
ViRobot Trojan.Win32.Z.Zbot.44544.C 20180713
Webroot W32.Infostealer.Zeus 20180714
Yandex Trojan.Agent!E1vV2h7Uujs 20180713
Zillya Trojan.ShipUp.Win32.1697 20180713
ZoneAlarm by Check Point HEUR:Trojan.Win32.Generic 20180714
Alibaba 20180713
Avast-Mobile 20180713
Babable 20180406
Bkav 20180713
ClamAV 20180713
CMC 20180713
Comodo 20180713
Cybereason 20180225
eGambit 20180714
F-Prot 20180713
Kingsoft 20180714
Palo Alto Networks (Known Signatures) 20180714
SentinelOne (Static ML) 20180701
TotalDefense 20180713
Trustlook 20180714
Zoner 20180713
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
FileVersionInfo properties
Description Редактор личных символов
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-04-15 17:40:10
Entry Point 0x00001E40
Number of sections 5
PE sections
PE imports
RegCreateKeyExW
RegOpenKeyA
RegCloseKey
GetTraceEnableLevel
RegSetValueExW
UnregisterTraceGuids
RegQueryValueExA
RegOpenKeyExW
GetTraceLoggerHandle
GetTraceEnableFlags
RegOpenKeyExA
TraceEvent
RegisterTraceGuidsW
RegQueryValueExW
CreateDIBPatternBrushPt
CreatePolygonRgn
GetTextMetricsW
TextOutW
CreateFontIndirectW
CreateHalftonePalette
OffsetRgn
LPtoDP
SetStretchBltMode
DeleteEnhMetaFile
BitBlt
GetPixel
GetObjectA
GetBrushOrgEx
DeleteDC
SetBkMode
SetLayout
PtInRegion
GetObjectW
PatBlt
CreateDIBSection
GetLayout
RealizePalette
SetTextColor
CreatePatternBrush
GetDeviceCaps
SelectObject
FillRgn
ExtTextOutW
RectVisible
GetStockObject
PlayEnhMetaFile
SelectPalette
ExtTextOutA
PtVisible
GetDIBits
SetTextAlign
CreateCompatibleDC
StretchBlt
StretchDIBits
SetBrushOrgEx
CreateRectRgn
DeleteObject
CreateSolidBrush
Escape
SetBkColor
GetTextExtentPoint32W
CreateCompatibleBitmap
HeapDestroy
GetFileAttributesW
DeleteCriticalSection
GetCurrentProcess
LocalAlloc
lstrcatA
ExitProcess
GetLocaleInfoW
GetFileTime
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
LocalFree
FormatMessageW
InitializeCriticalSection
OutputDebugStringW
FindClose
TlsGetValue
GetFullPathNameW
OutputDebugStringA
SetLastError
GetUserDefaultUILanguage
LoadResource
GetModuleFileNameW
HeapAlloc
lstrcmpiW
SetProcessWorkingSetSize
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
FlushInstructionCache
InterlockedExchangeAdd
GetSystemDirectoryW
SetUnhandledExceptionFilter
MulDiv
GetSystemDirectoryA
FindAtomW
SetCurrentDirectoryW
GlobalAlloc
GetVersion
InterlockedIncrement
HeapFree
EnterCriticalSection
LoadLibraryW
GetVersionExW
FreeLibrary
QueryPerformanceCounter
GetTickCount
TlsAlloc
VirtualProtect
GetVersionExA
LoadLibraryA
GetWindowsDirectoryW
GetFileSize
GetStartupInfoW
CreateDirectoryW
DeleteFileW
GlobalLock
AddAtomW
GetProcessHeap
CompareStringW
lstrcpyW
GlobalReAlloc
ExpandEnvironmentStringsW
FindNextFileW
FindFirstFileW
TerminateProcess
lstrcmpW
GetProcAddress
CreateFileW
TlsSetValue
CreateFileA
GetCurrentThreadId
LeaveCriticalSection
GetLastError
GetSystemInfo
GlobalFree
GlobalUnlock
VirtualQuery
lstrlenW
CreateProcessW
SizeofResource
GetCurrentDirectoryW
GetCurrentProcessId
LockResource
GetCommandLineW
GetAtomNameW
GetCommandLineA
lstrcpynW
RaiseException
TlsFree
GetModuleHandleA
ReadFile
DeleteAtom
CloseHandle
GetModuleHandleW
GetLongPathNameW
HeapCreate
FindResourceW
VirtualFree
Sleep
VirtualAlloc
RedrawWindow
GetForegroundWindow
SetWindowRgn
DrawTextW
SetRectEmpty
DestroyMenu
PostQuitMessage
GetMessagePos
LoadBitmapA
SetWindowPos
IsWindow
GrayStringW
DispatchMessageA
ClientToScreen
CopyRect
GetMessageTime
SetMenuItemInfoW
SetActiveWindow
GetMenuItemID
GetCursorPos
ChildWindowFromPointEx
GetDlgCtrlID
SendMessageW
SendMessageA
GetClientRect
DefWindowProcW
SetMenuDefaultItem
GetNextDlgTabItem
CallNextHookEx
LoadImageW
GetWindowTextW
GetWindowTextLengthW
LoadAcceleratorsW
InvalidateRgn
CopyImage
PtInRect
DrawEdge
GetParent
UpdateWindow
EqualRect
RegisterClassExA
ShowWindow
DrawFrameControl
GetMenuState
PeekMessageW
EnableWindow
SetWindowPlacement
CharUpperW
LoadIconW
TranslateMessage
IsWindowEnabled
GetWindow
GetIconInfo
SetParent
DestroyWindow
IsZoomed
GetWindowPlacement
LoadStringW
IsIconic
TrackPopupMenuEx
GetWindowLongA
SetTimer
FillRect
EnumThreadWindows
MonitorFromPoint
CreateAcceleratorTableW
GetSysColorBrush
GetClassInfoW
CreateWindowExW
TabbedTextOutW
GetWindowLongW
GetMenuStringW
IsChild
MapWindowPoints
RegisterWindowMessageW
GetMonitorInfoW
GetMessageA
PostMessageA
BeginPaint
OffsetRect
SetFocus
CopyIcon
KillTimer
DefWindowProcA
DrawFocusRect
SetClipboardViewer
GetClassInfoExW
GetSystemMetrics
SetWindowLongW
GetWindowRect
InflateRect
SetCapture
ReleaseCapture
EnumChildWindows
CharLowerW
SetWindowLongA
PostMessageW
CreatePopupMenu
GetSubMenu
GetClassLongW
DrawIconEx
SetWindowTextW
CreateWindowExA
GetDlgItem
BringWindowToTop
ScreenToClient
LoadCursorA
LoadIconA
GetMenuItemCount
DestroyAcceleratorTable
GetDesktopWindow
SetWindowsHookExW
LoadCursorW
GetSystemMenu
FindWindowExW
GetDC
InsertMenuW
SetForegroundWindow
NotifyWinEvent
GetMenuItemInfoW
EndPaint
ReleaseDC
IntersectRect
LoadMenuA
CreateIconIndirect
GetCapture
MessageBeep
LoadMenuW
GetWindowThreadProcessId
DeferWindowPos
BeginDeferWindowPos
MessageBoxW
GetMenu
DestroyIcon
RegisterClassExW
UnhookWindowsHookEx
MoveWindow
AppendMenuW
ChangeClipboardChain
AdjustWindowRectEx
SendMessageTimeoutW
GetSysColor
GetKeyState
EndDeferWindowPos
SystemParametersInfoA
GetDoubleClickTime
EnableMenuItem
IsWindowVisible
WinHelpW
SystemParametersInfoW
UnionRect
SetRect
DeleteMenu
InvalidateRect
CharNextW
CallWindowProcW
GetClassNameW
ModifyMenuW
IsRectEmpty
IsMenu
GetFocus
wsprintfW
TranslateAcceleratorW
SetMenu
SetCursor
_purecall
__wgetmainargs
malloc
__p__fmode
realloc
wcstoul
_wcsnicmp
__dllonexit
__wargv
__RTDynamicCast
_wcsicmp
_ultow
_vsnwprintf
_cexit
_c_exit
strtol
fwrite
qsort
_mbslen
_onexit
wcslen
wcscmp
exit
_XcptFilter
_itow
wcsrchr
__setusermatherr
wcsncpy
_adjust_fdiv
_wcmdln
__CxxFrameHandler
_CxxThrowException
_wtoi
wcschr
__p__commode
_mbsnbcnt
free
swprintf
atoi
wcsncmp
_except_handler3
_callnewh
_controlfp
_snwprintf
wcstol
memmove
swscanf
wcscpy
__argc
iswspace
wcsstr
_initterm
_exit
__set_app_type
_ltow
_iob
Number of PE resources by type
Struct(240) 2
RT_VERSION 1
Number of PE resources by language
RUSSIAN 3
PE resources
ExifTool file metadata
UninitializedDataSize 0
LinkerVersion 9.0
ImageVersion 0.0
FileVersionNumber 5.1.2600.5512
LanguageCode Russian
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 14336
EntryPoint 0x1e40
MIMEType application/octet-stream
TimeStamp 2013:04:15 18:40:10+01:00
FileType Win32 DLL
PEType PE32
SubsystemVersion 5.0
OSVersion 5.0
FileOS Windows NT 32-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CodeSize 29184
FileSubtype 0
ProductVersionNumber 5.1.2600.5512
FileTypeExtension dll
ObjectFileType Executable application

File identification
MD5 32f193033d19570045138b5b2e4814fd
SHA1 8e2369173ee80898eda33bc240755d8bed4528a5
SHA256 b443da0d1515031bc0d7217ffb9636ea7eb1ccac22bffd1c79b5ca4c8fc16eb0
ssdeep 768:RygwM6TQdjPlcJDgqZRDgqZHJLCcLgZVqHI:oM6sdjPlcJNHNRtpcmH
authentihash fa2e31ac66ea73d526d137945443873824c062a1ca4f19af7df548ed0991d24c
imphash a5172bde6137239cca0773f01db5a84b
File size 43.5 KB ( 44544 bytes )
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags pedll
VirusTotal metadata
First submission 2013-04-16 00:33:18 UTC ( 6 years, 1 month ago )
Last submission 2013-05-27 13:42:44 UTC ( 5 years, 12 months ago )
File names tjnecxl.dll, hthoxxc.dll
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight