SHA256: b7f1e1340ec0f6d1c07c48bff8c96f3ecbff522b6e37651a9fe76851419f4f3a
File name: DTCommonRes.dll
Detection ratio: 0 / 66
Analysis date: 2018-01-03 13:32:44 UTC ( 11 months, 2 weeks ago )
Antivirus Result Update
Ad-Aware 20171225
AegisLab 20180103
AhnLab-V3 20180103
Alibaba 20180103
ALYac 20180103
Antiy-AVL 20180103
Arcabit 20180103
Avast 20180103
Avast-Mobile 20180103
AVG 20180103
Avira (no cloud) 20180103
AVware 20180103
Baidu 20180103
BitDefender 20180103
Bkav 20180103
CAT-QuickHeal 20180103
ClamAV 20180103
CMC 20180103
Comodo 20180103
CrowdStrike Falcon (ML) 20171016
Cybereason 20171103
Cylance 20180103
Cyren 20180103
DrWeb 20180103
eGambit 20180103
Emsisoft 20180103
Endgame 20171130
ESET-NOD32 20180103
F-Prot 20180103
F-Secure 20180103
Fortinet 20180103
GData 20180103
Ikarus 20180103
Sophos ML 20170914
Jiangmin 20180103
K7AntiVirus 20180103
K7GW 20180103
Kaspersky 20180103
Kingsoft 20180103
Malwarebytes 20180103
MAX 20180103
McAfee 20180102
McAfee-GW-Edition 20180103
Microsoft 20180103
eScan 20180103
NANO-Antivirus 20180103
nProtect 20180103
Palo Alto Networks (Known Signatures) 20180103
Panda 20180102
Qihoo-360 20180103
Rising 20180103
SentinelOne (Static ML) 20171224
Sophos AV 20180103
SUPERAntiSpyware 20180103
Symantec 20180103
Tencent 20180103
TheHacker 20180102
TotalDefense 20180103
TrendMicro 20180103
TrendMicro-HouseCall 20180103
Trustlook 20180103
VBA32 20180103
VIPRE 20180103
ViRobot 20180103
Webroot 20180103
Yandex 20171229
Zillya 20180103
ZoneAlarm by Check Point 20180103
Zoner 20180103
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright © 2000-2012 DT Soft Ltd.
Product DAEMON Tools Lite
Internal name DTCommonRes.dll
File version 4.46.1.0328
Description DAEMON Tools Common resources
Signature verification Signed file, verified signature
Signing date 9:40 AM 1/8/2013
Signers
[+] Disc Soft Ltd
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer GlobalSign CodeSigning CA - G2
Valid from 6:52 PM 5/29/2012
Valid to 6:52 PM 5/30/2015
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint 2EE8D6982CEDAA5666E9B5F55535A36E3A3932A2
Serial number 11 21 35 64 05 60 9A B9 5F 8D DB 13 16 4B 82 F9 6D E5
[+] GlobalSign CodeSigning CA - G2
Status Valid
Issuer GlobalSign Root CA
Valid from 11:00 AM 4/13/2011
Valid to 11:00 AM 4/13/2019
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint 9000401777DD2B43393D7B594D2FF4CBA4516B38
Serial number 04 00 00 00 00 01 2F 4E E1 35 5C
[+] GlobalSign Root CA - R1
Status Valid
Issuer GlobalSign Root CA
Valid from 1:00 PM 9/1/1998
Valid to 1:00 PM 1/28/2028
Valid usage Server Auth, Client Auth, Code Signing, Email Protection, Timestamp Signing, OCSP Signing, EFS, IPSEC Tunnel, IPSEC User, IPSEC IKE Intermediate
Algorithm sha1RSA
Thumbprint B1BC968BD4F49D622AA89A81F2150152A41D829C
Serial number 04 00 00 00 00 01 15 4B 5A C3 94
Counter signers
[+] Symantec Time Stamping Services Signer - G4
Status Valid
Issuer Symantec Time Stamping Services CA - G2
Valid from 1:00 AM 10/18/2012
Valid to 12:59 AM 5/20/2022
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint D43989A11E5961CC13A58008172BF544DA11F1E6
Serial number 7E 1F DF 72 99 E8 D2 45 A1 5D 0B A8 E5 B1 59 BA
[+] Symantec Time Stamping Services CA - G2
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 12/21/2012
Valid to 12:59 AM 12/31/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint 6C07453FFDDA08B83707C09B82FB3D15F35336B1
Serial number 7E 93 EB FB 7C C6 4E 59 EA 4B 9A 77 D4 06 FC 3B
[+] Thawte Timestamping CA
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 1/1/1997
Valid to 12:59 AM 1/1/2021
Valid usage Timestamp Signing
Algorithm md5RSA
Thumbprint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-01-08 08:40:22
Entry Point 0x0012E1CC
Number of sections 6
PE sections
Overlays
MD5 3c313d63d9c8d1d5654e8173f5d30b5b
File type data
Offset 4850688
Size 5840
Entropy 7.43
PE imports
GetTokenInformation
RegEnumKeyW
RegDeleteValueW
RegCloseKey
OpenProcessToken
RegSetValueExW
RegCreateKeyExW
RegEnumKeyExW
RegOpenKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegEnumValueW
RegDeleteKeyW
RegQueryValueExW
RegQueryValueW
ImageList_GetIconSize
_TrackMouseEvent
GetFileTitleW
SetDIBits
GetTextMetricsW
SetMapMode
GetWindowOrgEx
GetPaletteEntries
CombineRgn
GetViewportOrgEx
GetObjectType
GetBoundsRect
SetLayout
SetPixel
SetPaletteEntries
OffsetWindowOrgEx
CreateEllipticRgn
GetTextFaceW
CreatePalette
CreateDIBitmap
SetTextAlign
StretchBlt
ScaleViewportExtEx
SetWindowExtEx
SetBkColor
GetBkColor
SetRectRgn
MoveToEx
GetTextCharsetInfo
TextOutW
GetSystemPaletteEntries
OffsetRgn
CreateRectRgnIndirect
LPtoDP
GetBitmapBits
GetLayout
ExcludeClipRect
OffsetViewportOrgEx
SetBkMode
EnumFontFamiliesW
PtInRegion
BitBlt
FillRgn
FrameRgn
SelectPalette
PtVisible
ExtSelectClipRgn
ScaleWindowExtEx
SetROP2
GetNearestPaletteIndex
SetDIBColorTable
GetTextColor
Escape
SetViewportExtEx
GetWindowExtEx
PatBlt
CreatePen
GetClipBox
Rectangle
GetDeviceCaps
LineTo
DeleteDC
CreateFontIndirectW
GetObjectW
CreateDCW
RealizePalette
CreateHatchBrush
CreatePatternBrush
ExtTextOutW
IntersectClipRect
CreateBitmap
RectVisible
GetStockObject
SelectClipRgn
RoundRect
SetWindowOrgEx
SelectObject
GetViewportExtEx
GetTextExtentPoint32W
CreatePolygonRgn
Polygon
GetRgnBox
SaveDC
RestoreDC
GetPixel
SetDIBitsToDevice
CreateDIBSection
SetTextColor
ExtFloodFill
SetPixelV
EnumFontFamiliesExW
SetViewportOrgEx
CreateRoundRectRgn
CreateCompatibleDC
CreateFontW
CreateRectRgn
DeleteObject
SetPolyFillMode
CopyMetaFileW
Ellipse
CreateSolidBrush
Polyline
DPtoLP
CreateCompatibleBitmap
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
GetStdHandle
FileTimeToSystemTime
GetOverlappedResult
DeactivateActCtx
WaitForSingleObject
HeapDestroy
EncodePointer
GetFileAttributesW
lstrcmpW
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
LocalAlloc
GetVolumeInformationW
SetErrorMode
FreeEnvironmentStringsW
InterlockedPopEntrySList
GetLocaleInfoW
SetStdHandle
GetFileTime
GetCPInfo
GetProcAddress
InterlockedExchange
FindResourceExW
FormatMessageW
GetSystemTimeAsFileTime
ReleaseActCtx
HeapReAlloc
GetStringTypeW
ConnectNamedPipe
SetEvent
LocalFree
GetProfileIntW
ResumeThread
InterlockedPushEntrySList
InitializeCriticalSection
LoadResource
GlobalHandle
GetLogicalDriveStringsW
FindClose
TlsGetValue
GetFullPathNameW
WritePrivateProfileStringW
SetLastError
GetUserDefaultUILanguage
GlobalFindAtomW
GetModuleFileNameW
IsDebuggerPresent
ExitProcess
GetModuleFileNameA
EnumSystemLocalesA
CreateActCtxW
SetThreadPriority
ActivateActCtx
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
FlushInstructionCache
GetPrivateProfileStringW
CreateEventW
GlobalAddAtomW
CreateThread
GetSystemDefaultUILanguage
MoveFileExW
GetSystemDirectoryW
DisconnectNamedPipe
SetUnhandledExceptionFilter
ConvertDefaultLocale
MulDiv
IsProcessorFeaturePresent
ExitThread
DecodePointer
SetEnvironmentVariableA
TerminateProcess
SearchPathW
VirtualQuery
SetEndOfFile
GetCurrentThreadId
LeaveCriticalSection
GetNumberFormatW
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
LoadLibraryW
GetLastError
GetVersionExW
GetOEMCP
QueryPerformanceCounter
GetTickCount
TlsAlloc
VirtualProtect
FlushFileBuffers
lstrcmpiW
RtlUnwind
FreeLibrary
CopyFileW
GlobalSize
UnlockFile
GetWindowsDirectoryW
GetFileSize
LCMapStringW
GetStartupInfoW
DeleteFileW
GetUserDefaultLCID
GetPrivateProfileIntW
CreateNamedPipeW
GetProcessHeap
GetTempFileNameW
WriteFile
CompareStringW
lstrcpyW
GetFileSizeEx
GlobalReAlloc
lstrcmpA
ResetEvent
FindFirstFileW
IsValidLocale
DuplicateHandle
WaitForMultipleObjects
GlobalLock
GlobalAlloc
GetTimeZoneInformation
CreateFileW
CreateEventA
GetFileType
TlsSetValue
HeapAlloc
InterlockedIncrement
GlobalGetAtomNameW
LocalReAlloc
GlobalDeleteAtom
GetSystemInfo
lstrlenA
GlobalFree
GetConsoleCP
FindResourceW
GetEnvironmentStringsW
GlobalUnlock
LockFile
lstrlenW
FileTimeToLocalFileTime
SizeofResource
GetCurrentDirectoryW
GetCurrentProcessId
LockResource
HeapQueryInformation
WideCharToMultiByte
HeapSize
GetCommandLineA
InterlockedCompareExchange
GetCurrentThread
RaiseException
TlsFree
SetFilePointer
ReadFile
GlobalFlags
LoadLibraryExW
DeleteAtom
CloseHandle
GetACP
GetModuleHandleW
FreeResource
GetFileAttributesExW
IsValidCodePage
HeapCreate
GetTempPathW
VirtualFree
Sleep
OpenEventA
VirtualAlloc
TransparentBlt
AlphaBlend
LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow
VarBstrCat
SysFreeString
VariantTimeToSystemTime
SysStringLen
SystemTimeToVariantTime
SysStringByteLen
VarBstrFromDate
VariantChangeType
VariantClear
SysAllocStringLen
VarBstrCmp
SysAllocString
SysAllocStringByteLen
VariantInit
DragQueryFileW
DragFinish
DuplicateIcon
ShellExecuteW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteExW
SHAppBarMessage
SHGetFileInfoW
SHGetDesktopFolder
Ord(680)
SHBrowseForFolderW
PathIsUNCW
PathStripToRootW
PathRemoveFileSpecW
PathFindExtensionW
PathFindFileNameW
MapWindowPoints
GetForegroundWindow
SetWindowRgn
RedrawWindow
SetMenuItemBitmaps
LoadBitmapW
CharUpperW
EnableScrollBar
DestroyMenu
PostQuitMessage
GetMessagePos
DrawStateW
SetWindowPos
GetNextDlgTabItem
IsWindow
GrayStringW
EndPaint
EndDialog
WindowFromPoint
CharUpperBuffW
SendMessageW
SetActiveWindow
GetDC
GetAsyncKeyState
ReleaseDC
GetDlgCtrlID
DefFrameProcW
UnregisterClassA
IsDialogMessageW
GetMenuStringW
UnregisterClassW
GetClassInfoW
DefWindowProcW
SetMenuDefaultItem
SetScrollPos
CallNextHookEx
IsClipboardFormatAvailable
LoadImageW
TrackPopupMenu
ClientToScreen
GetTopWindow
OpenClipboard
MapVirtualKeyExW
RegisterClipboardFormatW
PostThreadMessageW
LockWindowUpdate
GetWindowTextLengthW
LoadAcceleratorsW
ScrollWindow
DrawTextW
GetKeyState
DestroyWindow
DrawEdge
GetParent
UpdateWindow
GetWindow
GetPropW
EqualRect
SetClassLongW
EnumWindows
ShowScrollBar
GetMenuState
GetWindowTextW
GetMessageW
ShowWindow
DrawFrameControl
GetNextDlgGroupItem
SetPropW
EnumDisplayMonitors
GetCursorPos
PeekMessageW
TranslateMDISysAccel
InsertMenuItemW
SetWindowPlacement
CopyAcceleratorTableW
GetSystemMenu
GetMenuCheckMarkDimensions
TranslateMessage
IsWindowEnabled
GetDlgItemTextW
GetMenuDefaultItem
RegisterClassW
GetMenuItemID
GetIconInfo
SetParent
SetClipboardData
IsZoomed
GetWindowPlacement
SetWindowLongW
DrawMenuBar
IsCharLowerW
IsIconic
InvertRect
GetScrollPos
DrawFocusRect
CreateMenu
GetActiveWindow
GetKeyboardLayout
FillRect
MonitorFromPoint
CreateAcceleratorTableW
GetSysColorBrush
GetDialogBaseUnits
RealChildWindowFromPoint
CreateWindowExW
TabbedTextOutW
GetWindowLongW
GetUpdateRect
PtInRect
IsChild
SetFocus
RegisterWindowMessageW
GetMonitorInfoW
BeginPaint
OffsetRect
DefMDIChildProcW
ReleaseCapture
CopyIcon
KillTimer
MapVirtualKeyW
GetClassInfoExW
ToUnicodeEx
SendDlgItemMessageA
GetSystemMetrics
EnableMenuItem
SetScrollRange
GetWindowRect
InflateRect
SetRectEmpty
SetCapture
DrawIcon
EnumChildWindows
GetScrollRange
ShowOwnedPopups
SendDlgItemMessageW
PostMessageW
GetKeyNameTextW
CheckDlgButton
CreateDialogParamW
DrawTextExW
WaitMessage
CreatePopupMenu
CheckMenuItem
GetSubMenu
GetClassLongW
GetLastActivePopup
DrawIconEx
GetMessageTime
SetWindowTextW
SetTimer
GetDlgItem
RemovePropW
BringWindowToTop
ScreenToClient
GetKeyboardState
DialogBoxIndirectParamW
GetMenuItemCount
DestroyAcceleratorTable
ValidateRect
SetWindowsHookExW
LoadCursorW
LoadIconW
ReuseDDElParam
DispatchMessageW
InsertMenuW
SetForegroundWindow
GetClientRect
NotifyWinEvent
ExitWindowsEx
GetMenuItemInfoW
EmptyClipboard
CreateDialogIndirectParamW
MapDialogRect
IntersectRect
SetLayeredWindowAttributes
GetScrollInfo
HideCaret
CopyRect
GetCapture
MessageBeep
LoadMenuW
RemoveMenu
GetWindowThreadProcessId
DeferWindowPos
BeginDeferWindowPos
MessageBoxW
GetMenu
UnhookWindowsHookEx
MoveWindow
DialogBoxParamW
AppendMenuW
GetWindowDC
DestroyCursor
AdjustWindowRectEx
GetSysColor
SetDlgItemTextW
SetScrollInfo
CopyImage
EndDeferWindowPos
GetWindowRgn
UpdateLayeredWindow
GetDoubleClickTime
DestroyIcon
IsWindowVisible
WinHelpW
GetDesktopWindow
SubtractRect
UnpackDDElParam
SetCursorPos
SystemParametersInfoW
UnionRect
MonitorFromWindow
FrameRect
SetRect
DeleteMenu
InvalidateRect
CallWindowProcW
GetClassNameW
ModifyMenuW
IsRectEmpty
IsMenu
GetFocus
EnableWindow
CloseClipboard
SetCursor
SetMenu
TranslateAcceleratorW
PlaySoundW
DocumentPropertiesW
ClosePrinter
OpenPrinterW
GdipBitmapLockBits
GdipGetImagePixelFormat
GdipCreateBitmapFromScan0
GdiplusShutdown
GdipGetImagePalette
GdipDisposeImage
GdipBitmapUnlockBits
GdiplusStartup
GdipDeleteGraphics
GdipCreateBitmapFromStream
GdipCreateFromHDC
GdipGetImageWidth
GdipCreateBitmapFromHBITMAP
GdipAlloc
GdipGetImagePaletteSize
GdipDrawImageI
GdipDrawImageRectI
GdipSetInterpolationMode
GdipFree
GdipGetImageHeight
GdipCloneImage
GdipGetImageGraphicsContext
CreateStreamOnHGlobal
OleLockRunning
CoUninitialize
CoInitialize
CoTaskMemAlloc
CoLockObjectExternal
IsAccelerator
CoCreateInstance
OleTranslateAccelerator
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
ReleaseStgMedium
DoDragDrop
RevokeDragDrop
CoCreateGuid
OleGetClipboard
CoInitializeEx
OleDuplicateData
CoTaskMemFree
RegisterDragDrop
PE exports
Number of PE resources by type
RT_ICON 81
RT_DIALOG 40
RT_GROUP_ICON 14
RT_BITMAP 6
RT_MANIFEST 1
RT_MENU 1
AVI 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 140
ENGLISH US 3
RUSSIAN 2
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize 0
InitializedDataSize 3404288
ImageVersion 0.0
ProductName DAEMON Tools Lite
FileVersionNumber 4.46.1.328
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription DAEMON Tools Common resources
CharacterSet Windows, Latin1
LinkerVersion 10.0
FileTypeExtension dll
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 4.46.1.0328
TimeStamp 2013:01:08 09:40:22+01:00
FileType Win32 DLL
PEType PE32
InternalName DTCommonRes.dll
ProductVersion 4.46.1.0328
SubsystemVersion 5.1
OSVersion 5.1
FileOS Win32
LegalCopyright 2000-2012 DT Soft Ltd.
MachineType Intel 386 or later, and compatibles
CompanyName DT Soft Ltd
CodeSize 1445376
FileSubtype 0
ProductVersionNumber 4.46.1.328
EntryPoint 0x12e1cc
ObjectFileType Executable application

CarbonBlack CarbonBlack acts as a surveillance camera for computers
While monitoring an end-user machine in-the-wild, CarbonBlack noticed the following files in execution wrote this sample to disk.
Compressed bundles
File identification
MD5 1ca3b562482f5151cfec894e177d484d
SHA1 9b6dc4e8913dfcddaa177ee9c51f98ce76b29c45
SHA256 b7f1e1340ec0f6d1c07c48bff8c96f3ecbff522b6e37651a9fe76851419f4f3a
ssdeep 98304:xFCssu3e/5XRgp/RmRsPPHlTMTnRkIZfYvLmCT+UFFFdWCuU4202Lh2Eb22qq72+:xFSbsPaLLZfYvLj+UFFFNuU4202Lh2E/
authentihash d7e31c614ad92a19dff88067db68e6d8af5b357bc74c82a19ba4df9c90a48ca6
imphash 7095eed19b501865c35620c0b7724d1d
File size 4.6 MB ( 4856528 bytes )
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit
TrID Windows ActiveX control (61.1%)
Win32 Executable MS Visual C++ (generic) (16.3%)
Win64 Executable (generic) (14.5%)
Win32 Dynamic Link Library (generic) (3.4%)
Win32 Executable (generic) (2.3%)
Tags pedll signed overlay
VirusTotal metadata
First submission 2013-02-14 04:18:39 UTC ( 5 years, 10 months ago )
Last submission 2018-01-03 13:32:44 UTC ( 11 months, 2 weeks ago )
File names DTCommonRes.dll
dtcommonres.dll
DTCOMMONRES.DLL
B7F1E1340EC0F6D1C07C48BFF8C96F3ECBFF522B6E37651A9FE76851419F4F3A.DAT