× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: b9abd5eb3e0bfe0e8be3a4e926fbc7ab4287a152f2d5427c917604a334bf27f1
File name: QUT.SymbolWriter.dll
Detection ratio: 0 / 43
Analysis date: 2012-01-07 07:56:40 UTC ( 6 years, 6 months ago )
Antivirus Result Update
AhnLab-V3 20120106
AntiVir 20120106
Antiy-AVL 20120107
Avast 20120106
AVG 20120106
BitDefender 20120107
ByteHero 20111231
CAT-QuickHeal 20120106
ClamAV 20120106
Commtouch 20120106
Comodo 20120107
DrWeb 20120107
Emsisoft 20120107
eSafe 20120103
eTrust-Vet 20120106
F-Prot 20120106
F-Secure 20120107
Fortinet 20120107
GData 20120107
Ikarus 20120107
Jiangmin 20120106
K7AntiVirus 20120106
Kaspersky 20120107
McAfee 20120107
McAfee-GW-Edition 20120107
Microsoft 20120107
NOD32 20120107
Norman 20120106
nProtect 20120107
Panda 20120106
PCTools 20120107
Prevx 20120107
Rising 20120106
Sophos AV 20120107
SUPERAntiSpyware 20120107
Symantec 20120107
TheHacker 20120106
TrendMicro 20120107
TrendMicro-HouseCall 20120107
VBA32 20120106
VIPRE 20120107
ViRobot 20120107
VirusBuster 20120106
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows command line subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2007-07-23 02:28:37
Entry Point 0x000032FC
Number of sections 5
PE sections
PE imports
GetCurrentThreadId
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
DisableThreadLibraryCalls
FatalAppExitA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
Sleep
InterlockedExchange
_except_handler4_common
_onexit
_crt_debugger_hook
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
__CppXcptFilter
_encode_pointer
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_CrtSetCheckCount
_decode_pointer
_free_dbg
_encoded_null
_malloc_dbg
__FrameUnwindFilter
_cexit
__2@YAPAXI@Z
_CorDllMain
_DoCallBackInDefaultDomain@_CrtImplementationDetails_@@YAXP6GJPAX@Z0@Z
_ThrowNestedModuleLoadException@_CrtImplementationDetails_@@YAXP$AAVException@System@@0@Z
_ThrowModuleLoadException@_CrtImplementationDetails_@@YAXP$AAVString@System@@@Z
_RegisterModuleUninitializer@_CrtImplementationDetails_@@YAXP$AAVEventHandler@System@@@Z
_DoDllLanguageSupportValidation@_CrtImplementationDetails_@@YAXXZ
_ThrowModuleLoadException@_CrtImplementationDetails_@@YAXP$AAVString@System@@P$AAVException@3@@Z
CoCreateInstance
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows command line

MachineType
Intel 386 or later, and compatibles

TimeStamp
2007:07:23 04:28:37+02:00

FileType
Win32 DLL

PEType
PE32

CodeSize
9728

LinkerVersion
8.0

EntryPoint
0x32fc

InitializedDataSize
40448

SubsystemVersion
4.0

ImageVersion
1.0

OSVersion
4.0

UninitializedDataSize
0

File identification
MD5 f260adf4071fc8266cfc133e4bd2f1ba
SHA1 1ac388b882410661551b6067f461bccf5786fa11
SHA256 b9abd5eb3e0bfe0e8be3a4e926fbc7ab4287a152f2d5427c917604a334bf27f1
ssdeep
768:mEkdNGyFnku2pByLaxX9bA9x9i+UsSQDPOkqO:mEC7dR2pH3baJXPOv

File size 48.5 KB ( 49664 bytes )
File type Win32 DLL
Magic literal

TrID Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
VirusTotal metadata
First submission 2012-01-07 07:56:40 UTC ( 6 years, 6 months ago )
Last submission 2012-01-07 07:56:40 UTC ( 6 years, 6 months ago )
File names QUT.SymbolWriter.dll
D51A025200EC4BDDC21B00AF3AFB68007C8F7AF8.dll
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!