SHA256: b9484b7e0e945616ef20ee7407fe54525ea0e11d9d997ebee33893b598b79464
File name: 13.tmp
Detection ratio: 33 / 42
Analysis date: 2012-04-25 17:41:44 UTC ( 6 years, 6 months ago )
Antivirus Result Update
AhnLab-V3 Trojan/Win32.Cidox 20120423
AntiVir TR/Dldr.Vundo.hkyma 20120424
Antiy-AVL Trojan/Win32.Cidox.gen 20120423
Avast Win32:Kryptik-HHQ [Trj] 20120423
AVG Generic_r.AKN 20120423
BitDefender Gen:Variant.Zusy.743 20120424
CAT-QuickHeal TrojanRansom.Cidox.duz 20120423
Comodo TrojWare.Win32.Cidox.ANG 20120424
DrWeb Trojan.MayachokENT.1 20120424
Emsisoft Trojan-Downloader.Win32.Vundo!IK 20120424
eTrust-Vet Win32/Vundo.I!generic 20120423
F-Secure Gen:Variant.Zusy.743 20120424
Fortinet W32/Kryptik.CIK!tr 20120424
GData Gen:Variant.Zusy.743 20120424
Ikarus Trojan-Downloader.Win32.Vundo 20120424
Jiangmin Trojan/Cidox.hgi 20120423
K7AntiVirus Trojan 20120420
Kaspersky Trojan-Ransom.Win32.Cidox.duz 20120424
McAfee Downloader.a!bhc 20120423
McAfee-GW-Edition Downloader.a!bhc 20120423
Microsoft TrojanDownloader:Win32/Vundo.HIY 20120424
NOD32 a variant of Win32/Kryptik.AAOM 20120424
Norman W32/Vundo.AZIL 20120423
Panda Generic Trojan 20120423
Rising Trojan.Win32.Generic.12B79C26 20120423
Sophos AV Troj/Virtum-Gen 20120424
Symantec Downloader 20120424
TheHacker Trojan/Dropper.Cidox.rsg 20120422
TrendMicro TROJ_GEN.R4FCCD8 20120423
TrendMicro-HouseCall TROJ_GEN.R4FCCD8 20120424
VBA32 BScope.Trojan-Ransom.Cidox.3112 20120422
VIPRE Trojan.Win32.Vundo.pb (v) 20120424
VirusBuster Trojan.Cidox!t+FH00TNbso 20120423
ByteHero 20120424
ClamAV 20120424
Commtouch 20120424
eSafe 20120423
F-Prot 20120423
nProtect 20120424
PCTools 20120423
SUPERAntiSpyware 20120402
ViRobot 20120424
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright (c) 1995-1999 SK, All rights reserved.
Publisher SK computer
Product control utility
Original name CONTROL.DLL
File version 2.0.1.3212
Description control utility
Packers identified
PEiD Armadillo v1.xx - v2.xx
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-02-13 06:03:52
Entry Point 0x00006705
Number of sections 5
PE sections
PE imports
RegOpenKeyExA
Rectangle, CreateBitmap
LoadLibraryA, GetLastError, GetStdHandle, QueryPerformanceCounter, GetCurrentThreadId, GetCurrentProcessId, VirtualAlloc, GetTickCount, GetStringTypeW, GetStringTypeA, LCMapStringW, LCMapStringA, VirtualFree, GetSystemTimeAsFileTime, lstrcmpiA, MultiByteToWideChar, GetOEMCP, GetProcAddress, CloseHandle, GetACP, GetCPInfo, GetCommandLineA, GetVersion, ExitProcess, TerminateProcess, GetCurrentProcess, HeapDestroy, HeapCreate, HeapFree, SetHandleCount, GetFileType, GetStartupInfoA, GetModuleFileNameA, FreeEnvironmentStringsA, FreeEnvironmentStringsW, WideCharToMultiByte, GetEnvironmentStrings, GetEnvironmentStringsW, WriteFile, HeapAlloc, HeapReAlloc, RtlUnwind
StrStrA
MessageBoxA, GetSystemMetrics, GetDC
CoUninitialize, CoTaskMemAlloc
ExifTool file metadata
UninitializedDataSize 0
InitializedDataSize 20480
ImageVersion 0.0
ProductName control utility
FileVersionNumber 2.0.1.3212
LanguageCode Russian
FileFlagsMask 0x003f
LinkerVersion 6.0
FileDescription control utility
CharacterSet Windows, Cyrillic
FileOS Win32
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 2.0.1.3212
TimeStamp 2012:02:13 07:03:52+01:00
FileType Win32 DLL
PEType PE32
ProductVersion 2.0.1.3212
SubsystemVersion 4.0
OSVersion 4.0
OriginalFilename CONTROL.DLL
LegalCopyright Copyright 1995-1999 SK, All rights reserved.
MachineType Intel 386 or later, and compatibles
CompanyName SK computer
CodeSize 32768
FileSubtype 0
ProductVersionNumber 2.0.1.3212
EntryPoint 0x6705
ObjectFileType Executable application

File identification
MD5 8cc6cdc20056f24be1e2012367fbb2f7
SHA1 bce3ca52f5701fa39e3af7b979959288b1f97a67
SHA256 b9484b7e0e945616ef20ee7407fe54525ea0e11d9d997ebee33893b598b79464
ssdeep 768:Jf7rSQcRBA/5iqo664fDLswWW4wpCI4++yRWXo97NafG:x+g5ilMLz34wpk+R0onafG
File size 52.0 KB ( 53248 bytes )
File type Win32 DLL
Magic literal MS-DOS executable PE for MS Windows (DLL) (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
Tags armadillo
VirusTotal metadata
First submission 2012-02-22 17:28:51 UTC ( 6 years, 8 months ago )
Last submission 2012-04-25 17:41:44 UTC ( 6 years, 6 months ago )
File names amsemend3.txt
13.tmp
aa
jS1UwvxZ7P.dot