× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: c03124ba691b187917ba79078c66e12cbf5387a3741203070ba23980aa471e8b
File name: api-ms-win-crt-process-l1-1-0.dll
Detection ratio: 0 / 69
Analysis date: 2019-02-20 12:02:22 UTC ( 2 days, 6 hours ago )
Trusted source! This file belongs to the Microsoft Corporation software catalogue.
Antivirus Result Update
ALYac 20190220
AVG 20190220
Acronis 20190219
Ad-Aware 20190220
AegisLab 20190220
AhnLab-V3 20190220
Alibaba 20180921
Antiy-AVL 20190220
Arcabit 20190220
Avast-Mobile 20190220
Avira (no cloud) 20190220
Babable 20180918
Baidu 20190215
BitDefender 20190220
Bkav 20190220
CAT-QuickHeal 20190219
CMC 20190220
ClamAV 20190219
Comodo 20190220
CrowdStrike Falcon (ML) 20181023
Cylance 20190220
Cyren 20190220
DrWeb 20190220
ESET-NOD32 20190220
Emsisoft 20190220
Endgame 20190215
F-Prot 20190220
F-Secure 20190220
Fortinet 20190220
GData 20190220
Ikarus 20190220
Sophos ML 20181128
Jiangmin 20190220
K7AntiVirus 20190220
K7GW 20190220
Kaspersky 20190220
Kingsoft 20190220
MAX 20190220
Malwarebytes 20190220
McAfee 20190220
McAfee-GW-Edition 20190220
eScan 20190220
Microsoft 20190220
NANO-Antivirus 20190220
Palo Alto Networks (Known Signatures) 20190220
Panda 20190219
Qihoo-360 20190220
Rising 20190220
SUPERAntiSpyware 20190213
SentinelOne (Static ML) 20190203
Sophos AV 20190220
Symantec 20190220
TACHYON 20190220
Tencent 20190220
TheHacker 20190217
TotalDefense 20190220
Trapmine 20190123
TrendMicro 20190220
TrendMicro-HouseCall 20190220
Trustlook 20190220
VBA32 20190220
VIPRE 20190220
ViRobot 20190220
Webroot 20190220
Yandex 20190220
Zillya 20190219
ZoneAlarm by Check Point 20190220
Zoner 20190220
eGambit 20190220
Cybereason 20180308
Symantec Mobile Insight 20190207
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows command line subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
© Microsoft Corporation. All rights reserved.

Product Microsoft® Windows® Operating System
Original name apisetstub
Internal name apisetstub
File version 10.0.16299.15 (WinBuild.160101.0800)
Description ApiSet Stub DLL
Signature verification Signed file, verified signature
Signing date 6:29 AM 9/29/2017
Signers
[+] Microsoft Corporation
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer Microsoft Code Signing PCA
Valid from 08:11 PM 08/11/2017
Valid to 08:11 PM 08/11/2018
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint 49D59D86505D82942A076388693F4FB7B21254EE
Serial number 33 00 00 01 78 25 5A B5 CD 23 C6 5F 95 00 01 00 00 01 78
[+] Microsoft Code Signing PCA
Status Valid
Issuer Microsoft Root Certificate Authority
Valid from 10:19 PM 08/31/2010
Valid to 10:29 PM 08/31/2020
Valid usage All
Algorithm sha1RSA
Thumbprint 3CAF9BA2DB5570CAF76942FF99101B993888E257
Serial number 61 33 26 1A 00 00 00 00 00 31
[+] Microsoft Root Certificate Authority
Status Valid
Issuer Microsoft Root Certificate Authority
Valid from 11:19 PM 05/09/2001
Valid to 11:28 PM 05/09/2021
Valid usage All
Algorithm sha1RSA
Thumbprint CDD4EEAE6000AC7F40C3802C171E30148030C072
Serial number 79 AD 16 A1 4A A0 A5 AD 4C 73 58 F4 07 13 2E 65
Counter signers
[+] Microsoft Time-Stamp Service
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer Microsoft Time-Stamp PCA
Valid from 05:58 PM 09/07/2016
Valid to 05:58 PM 09/07/2018
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 1D0C7C8460E7E554FBED80DC2C90722EB20B10E3
Serial number 33 00 00 00 C3 3B B8 10 D6 AB 75 9C 84 00 00 00 00 00 C3
[+] Microsoft Time-Stamp PCA
Status Valid
Issuer Microsoft Root Certificate Authority
Valid from 12:53 PM 04/03/2007
Valid to 01:03 PM 04/03/2021
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 375FCB825C3DC3752A02E34EB70993B4997191EF
Serial number 61 16 68 34 00 00 00 00 00 1C
[+] Microsoft Root Certificate Authority
Status Valid
Issuer Microsoft Root Certificate Authority
Valid from 11:19 PM 05/09/2001
Valid to 11:28 PM 05/09/2021
Valid usage All
Algorithm sha1RSA
Thumbrint CDD4EEAE6000AC7F40C3802C171E30148030C072
Serial number 79 AD 16 A1 4A A0 A5 AD 4C 73 58 F4 07 13 2E 65
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2065-11-29 11:56:28
Number of sections 2
PE sections
Overlays
MD5 e941cd916ee41c08efb990b36da3e464
File type data
Offset 3584
Size 15672
Entropy 7.40
PE exports
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
14.1

ImageVersion
10.0

FileSubtype
0

FileVersionNumber
10.0.16299.15

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
ApiSet Stub DLL

ImageFileCharacteristics
Executable, 32-bit, DLL

CharacterSet
Unicode

InitializedDataSize
1024

EntryPoint
0x0000

OriginalFileName
apisetstub

MIMEType
application/octet-stream

LegalCopyright
Microsoft Corporation. All rights reserved.

FileVersion
10.0.16299.15 (WinBuild.160101.0800)

TimeStamp
2065:11:29 12:56:28+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
apisetstub

ProductVersion
10.0.16299.15

SubsystemVersion
10.0

OSVersion
10.0

FileOS
Windows NT 32-bit

Subsystem
Windows command line

MachineType
Intel 386 or later, and compatibles

CompanyName
Microsoft Corporation

CodeSize
2048

ProductName
Microsoft Windows Operating System

ProductVersionNumber
10.0.16299.15

Warning
Possibly corrupt Version resource

FileTypeExtension
dll

ObjectFileType
Dynamic link library

Execution parents
Compressed bundles
File identification
MD5 8d02dd4c29bd490e672d271700511371
SHA1 f3035a756e2e963764912c6b432e74615ae07011
SHA256 c03124ba691b187917ba79078c66e12cbf5387a3741203070ba23980aa471e8b
ssdeep
192:aRQqjd7dWIghWG4U9kuDz7M123Ouo+Uggs/nGfe4pBjSbAURWh0txKdmVWQ4CW+6:aKcWPhWFkDz6i00GftpBjYemZlUG+zIU

authentihash ccfc2c8270dda6fa4b9e65a0b3668bd47acc6dafcc5c05e09146f904ed4df0dc
File size 18.8 KB ( 19256 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (console) Intel 80386 32-bit

TrID Win32 Executable (generic) (42.7%)
OS/2 Executable (generic) (19.2%)
Generic Win/DOS Executable (18.9%)
DOS Executable Generic (18.9%)
Tags
pedll signed trusted overlay

Trusted verdicts
This file belongs to the Microsoft Corporation software catalogue. The file is often found with 54e45b87-3fb9-e711-80c0-0003ff7747d6.dll as its name.
VirusTotal metadata
First submission 2017-10-11 06:57:48 UTC ( 1 year, 4 months ago )
Last submission 2019-02-20 12:02:22 UTC ( 2 days, 6 hours ago )
File names api-ms-win-crt-process-l1-1-0.dll
api-ms-win-crt-process-l1-1-0.dll
api-ms-win-crt-process-l1-1-0.dll
api-ms-win-crt-process-l1-1-0.dll
api-ms-win-crt-process-l1-1-0.dll
api-ms-win-crt-process-l1-1-0.dll
api-ms-win-crt-process-l1-1-0.dll
api-ms-win-crt-process-l1-1-0.dll
api-ms-win-crt-process-l1-1-0.dll
api-ms-win-crt-process-l1-1-0.dll
api-ms-win-crt-process-l1-1-0.dll
api-ms-win-crt-process-l1-1-0.dll
api-ms-win-crt-process-l1-1-0.dll
api-ms-win-crt-process-l1-1-0.dll
api-ms-win-crt-process-l1-1-0.dll
api-ms-win-crt-process-l1-1-0.dll
api-ms-win-crt-process-l1-1-0.dll
api-ms-win-crt-process-l1-1-0.dll
api-ms-win-crt-process-l1-1-0.dll
api-ms-win-crt-process-l1-1-0.dll
api-ms-win-crt-process-l1-1-0.dll
api-ms-win-crt-process-l1-1-0.dll
api-ms-win-crt-process-l1-1-0.dll
api-ms-win-crt-process-l1-1-0.dll
api-ms-win-crt-process-l1-1-0.dll
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!