SHA256: bf063ee5a0128d6d69705a3f93a6a68d50053295bf43dd9807fa7f18e6178123
File name: dc80969ec4f3a778e3b32da1b42daebb
Detection ratio: 10 / 66
Analysis date: 2018-03-25 18:54:52 UTC (8 months, 2 weeks ago)
Antivirus Result Update
AhnLab-V3 Malware/Win32.Generic.C2292050 20180325
Avast Win32:Stealer-DM [Trj] 20180325
AVG Win32:Stealer-DM [Trj] 20180325
Avira (no cloud) TR/PSW.Stealer.obmwd 20180325
AVware Trojan.Win32.Generic!BT 20180325
K7AntiVirus Riskware ( 0040eff71 ) 20180325
K7GW Riskware ( 0040eff71 ) 20180325
NANO-Antivirus Trojan.Win32.Stealer.ethawu 20180325
VIPRE Trojan.Win32.Generic!BT 20180325
Yandex Trojan.PWS.Stealer!VNB40kXh6EA 20180324
Ad-Aware 20180325
AegisLab 20180325
Alibaba 20180323
ALYac 20180325
Antiy-AVL 20180325
Arcabit 20180325
Avast-Mobile 20180325
Baidu 20180323
BitDefender 20180325
Bkav 20180325
CAT-QuickHeal 20180325
ClamAV 20180325
CMC 20180325
Comodo 20180325
CrowdStrike Falcon (ML) 20170201
Cybereason None
Cylance 20180325
Cyren 20180325
DrWeb 20180325
eGambit 20180325
Emsisoft 20180325
Endgame 20180316
ESET-NOD32 20180325
F-Prot 20180325
F-Secure 20180325
Fortinet 20180325
GData 20180325
Ikarus 20180325
Sophos ML 20180121
Jiangmin 20180325
Kaspersky 20180325
Kingsoft 20180325
Malwarebytes 20180325
MAX 20180325
McAfee 20180325
McAfee-GW-Edition 20180325
Microsoft 20180325
eScan 20180325
nProtect 20180325
Palo Alto Networks (Known Signatures) 20180325
Panda 20180325
Qihoo-360 20180325
Rising 20180325
SentinelOne (Static ML) 20180225
Sophos AV 20180325
SUPERAntiSpyware 20180325
Symantec 20180324
Symantec Mobile Insight 20180311
Tencent 20180325
TheHacker 20180319
TotalDefense 20180325
TrendMicro 20180325
TrendMicro-HouseCall 20180325
Trustlook 20180325
VBA32 20180323
ViRobot 20180325
WhiteArmor 20180324
Zillya 20180323
ZoneAlarm by Check Point 20180325
Zoner 20180325
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-01-28 13:01:16
Entry Point 0x000066D0
Number of sections 4
PE sections
PE exports
ExifTool file metadata
MIMEType: application/octet-stream
Subsystem: Windows GUI
MachineType: Intel 386 or later, and compatibles
FileTypeExtension: dll
TimeStamp: 2018:01:28 14:01:16+01:00
FileType: Win32 DLL
PEType: PE32
CodeSize: 35840
LinkerVersion: 10.0
EntryPoint: 0x66d0
InitializedDataSize: 3072
SubsystemVersion: 5.1
ImageVersion: 0.0
OSVersion: 5.1
UninitializedDataSize: 0

File identification
MD5 dc80969ec4f3a778e3b32da1b42daebb
SHA1 15bf034cdcddfd9e1b8db60258f165b83beefb2a
SHA256 bf063ee5a0128d6d69705a3f93a6a68d50053295bf43dd9807fa7f18e6178123
ssdeep 768:ZiRUJZ0Kj3GlrJljdqYK8sV9dcSGVvLE7Ozkjp/GGQ:LJ+Kj3Gl9LxK/YJw7OzSp/
authentihash 3b246076c47e2b2bd4e69931f7a5841ee5967ba20bedd68af31d2fec78aeb7b3
File size 39.0 KB ( 39936 bytes )
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit
TrID Win32 Executable (generic) (42.7%)
OS/2 Executable (generic) (19.2%)
Generic Win/DOS Executable (18.9%)
DOS Executable Generic (18.9%)
Tags pedll

VirusTotal metadata
First submission 2018-03-25 18:54:52 UTC (8 months, 2 weeks ago)
Last submission 2018-03-25 18:54:52 UTC (8 months, 2 weeks ago)
File names dc80969ec4f3a778e3b32da1b42daebb