× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: ba9ff486cebd683af68870886deedd34a33594b8832e59a6c18d45784d2aeaf5
File name: 5cb82acf05b86fe16953ff4a1c412a97
Detection ratio: 6 / 66
Analysis date: 2018-05-30 14:02:05 UTC ( 6 months, 2 weeks ago ) View latest
Antivirus Result Update
Avast Win64:Evo-gen [Susp] 20180530
AVG Win64:Evo-gen [Susp] 20180530
Cylance Unsafe 20180530
Endgame malicious (high confidence) 20180507
Fortinet W64/Kryptik.BIW!tr 20180530
Sophos ML heuristic 20180503
Ad-Aware 20180530
AegisLab 20180530
AhnLab-V3 20180530
Alibaba 20180530
ALYac 20180530
Antiy-AVL 20180530
Arcabit 20180530
Avast-Mobile 20180530
Avira (no cloud) 20180530
AVware 20180530
Babable 20180406
Baidu 20180530
BitDefender 20180530
Bkav 20180530
CAT-QuickHeal 20180530
ClamAV 20180530
CMC 20180529
Comodo 20180530
CrowdStrike Falcon (ML) 20180202
Cybereason None
Cyren 20180530
DrWeb 20180530
eGambit 20180530
Emsisoft 20180530
ESET-NOD32 20180530
F-Prot 20180530
F-Secure 20180530
GData 20180530
Ikarus 20180529
Jiangmin 20180530
K7AntiVirus 20180530
K7GW 20180530
Kaspersky 20180530
Kingsoft 20180530
Malwarebytes 20180530
MAX 20180530
McAfee 20180530
McAfee-GW-Edition 20180530
Microsoft 20180530
eScan 20180530
NANO-Antivirus 20180530
nProtect 20180530
Palo Alto Networks (Known Signatures) 20180530
Panda 20180530
Qihoo-360 20180530
Rising 20180530
SentinelOne (Static ML) 20180225
Sophos AV 20180530
SUPERAntiSpyware 20180530
Symantec 20180530
Symantec Mobile Insight 20180525
Tencent 20180530
TheHacker 20180524
TotalDefense 20180530
TrendMicro 20180530
TrendMicro-HouseCall 20180530
Trustlook 20180530
VBA32 20180530
VIPRE 20180530
ViRobot 20180530
Webroot 20180530
Yandex 20180529
Zillya 20180530
ZoneAlarm by Check Point 20180530
Zoner 20180530
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem that targets 64bit architectures.
PE header basic information
Target machine x64
Compilation timestamp 2018-05-30 12:17:53
Entry Point 0x000015E0
Number of sections 9
PE sections
PE imports
lstrcpyA
GetModuleHandleW
I_RpcGetExtendedError
GetTabbedTextExtentW
isalpha
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
AMD AMD64

FileTypeExtension
dll

TimeStamp
2018:05:30 13:17:53+01:00

FileType
Win64 DLL

PEType
PE32+

CodeSize
0

LinkerVersion
12.0

EntryPoint
0x15e0

InitializedDataSize
679936

SubsystemVersion
5.0

ImageVersion
0.0

OSVersion
5.0

UninitializedDataSize
0

File identification
MD5 5cb82acf05b86fe16953ff4a1c412a97
SHA1 ba13d0c0254018a2e6d43561e3c1bf581bd990de
SHA256 ba9ff486cebd683af68870886deedd34a33594b8832e59a6c18d45784d2aeaf5
ssdeep
12288:Bnfq943cv9VeGdrVZxM27BOr69gFmqndQh9:X3cvjeGFVZxM2xuoqq

authentihash ff3e1a902b0490ea63500240c9133dcdf86d5f07627bfff45990c8ebb2550b69
imphash 0274b181afd9275e4a9b5d9982692281
File size 644.0 KB ( 659456 bytes )
File type Win32 DLL
Magic literal
PE32+ executable for MS Windows (DLL) (GUI) Mono/.Net assembly

TrID OS/2 Executable (generic) (33.6%)
Generic Win/DOS Executable (33.1%)
DOS Executable Generic (33.1%)
Tags
64bits assembly pedll

VirusTotal metadata
First submission 2018-05-30 14:02:05 UTC ( 6 months, 2 weeks ago )
Last submission 2018-05-30 14:02:05 UTC ( 6 months, 2 weeks ago )
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!