× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: c12f08c442aca776bcb4debe2073e8f038877002eedee98502f58d52381e6980
File name: IRC protocol
Detection ratio: 0 / 56
Analysis date: 2014-11-29 22:03:43 UTC ( 4 years, 4 months ago )
Antivirus Result Update
Ad-Aware 20141129
AegisLab 20141129
Yandex 20141129
AhnLab-V3 20141129
ALYac 20141129
Antiy-AVL 20141129
Avast 20141129
AVG 20141129
Avira (no cloud) 20141129
AVware 20141121
Baidu-International 20141129
BitDefender 20141129
Bkav 20141127
ByteHero 20141129
CAT-QuickHeal 20141129
ClamAV 20141129
CMC 20141127
Comodo 20141129
Cyren 20141129
DrWeb 20141129
Emsisoft 20141129
ESET-NOD32 20141129
F-Prot 20141129
F-Secure 20141129
Fortinet 20141129
GData 20141129
Ikarus 20141129
Jiangmin 20141129
K7AntiVirus 20141128
K7GW 20141129
Kaspersky 20141129
Kingsoft 20141129
Malwarebytes 20141129
McAfee 20141129
McAfee-GW-Edition 20141129
Microsoft 20141129
eScan 20141129
NANO-Antivirus 20141129
Norman 20141129
nProtect 20141128
Panda 20141129
Qihoo-360 20141129
Rising 20141129
Sophos AV 20141129
SUPERAntiSpyware 20141129
Symantec 20141129
Tencent 20141129
TheHacker 20141124
TotalDefense 20141129
TrendMicro 20141129
TrendMicro-HouseCall 20141129
VBA32 20141128
VIPRE 20141129
ViRobot 20141128
Zillya 20141127
Zoner 20141127
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
c 2003-2011 Jurgen Persson, George Hazan

Original name IRC.dll
Internal name IRC protocol
File version 0.9.211.0
Description IRC protocol for Miranda IM
Packers identified
PEiD Armadillo v1.xx - v2.xx
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2011-05-06 15:10:54
Entry Point 0x000294C5
Number of sections 5
PE sections
PE imports
CreateFontIndirectW
GetStockObject
GetObjectW
SetBkColor
DeleteObject
SetTextColor
EnterCriticalSection
lstrcpynW
lstrlenA
lstrcmpiA
WaitForSingleObject
SetEvent
GetModuleFileNameA
lstrlenW
GetLocalTime
DeleteCriticalSection
LockResource
lstrcatW
GetComputerNameW
lstrcpyW
GetModuleHandleA
lstrcmpA
InterlockedExchange
lstrcpyA
CloseHandle
EnumSystemCodePagesA
lstrcpynA
lstrcmpW
GetProcAddress
CreateEventW
lstrcmpiW
InitializeCriticalSection
LoadResource
FindResourceW
InterlockedDecrement
Sleep
LeaveCriticalSection
InterlockedIncrement
_purecall
rand
malloc
_wcsupr
realloc
_wcslwr
fread
fclose
strcat
__dllonexit
_mbslwr
_waccess
wcstol
strchr
fgets
sscanf
strlen
_except_handler3
wcslen
_wremove
??2@YAPAXI@Z
fwrite
fseek
_mbscmp
_onexit
_wcsdup
wcscmp
ftell
_strdup
towlower
_ftol
wcsrchr
_wtoi64
_adjust_fdiv
sprintf
__CxxFrameHandler
wcsftime
memset
iswctype
_lseeki64
wcschr
wcsncpy
??3@YAXPAX@Z
free
_wtol
_mbschr
wcscspn
atoi
_mbsstr
_wfopen
calloc
_write
_mbsupr
memcpy
_wstati64
_snwprintf
_vsnprintf
strstr
_wctime
wcstoul
wcsspn
localtime
_read
memmove
_wopen
swscanf
wcscpy
strcpy
wcsstr
time
_strnicmp
_initterm
_close
strcmp
_wtoi
ShellExecuteA
StrToIntA
StrToIntW
SetFocus
GetAsyncKeyState
GetParent
CharLowerW
EndDialog
DefWindowProcW
CopyIcon
KillTimer
ShowWindow
SetWindowPos
SetWindowLongW
MessageBoxW
EnableWindow
SetDlgItemTextA
DialogBoxParamW
GetDlgItemTextA
ChildWindowFromPoint
SendDlgItemMessageW
IsWindowEnabled
GetDlgItemTextW
PostMessageW
SetDlgItemTextW
CreateDialogParamW
GetDlgCtrlID
SetWindowTextA
CheckDlgButton
SendMessageW
GetWindowLongW
IsWindowVisible
SendMessageA
GetWindowTextLengthW
SetWindowTextW
GetDlgItem
SystemParametersInfoW
IsIconic
InvalidateRect
SetTimer
CallWindowProcW
IsDlgButtonChecked
GetWindowTextW
SetActiveWindow
SetDlgItemInt
GetFocus
wsprintfW
GetWindowTextA
DestroyWindow
htonl
ntohl
inet_addr
ioctlsocket
gethostbyname
ntohs
getsockname
PE exports
Number of PE resources by type
RT_ICON 38
RT_GROUP_ICON 16
RT_DIALOG 15
TEXT 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 71
PE resources
ExifTool file metadata
Author
Miranda team

UninitializedDataSize
0

InitializedDataSize
220160

ImageVersion
0.0

FileVersionNumber
0.9.21.0

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
IRC protocol for Miranda IM

CharacterSet
Unicode

LinkerVersion
6.0

OriginalFilename
IRC.dll

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
0.9.211.0

TimeStamp
2011:05:06 16:10:54+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
IRC protocol

FileAccessDate
2014:11:29 23:03:49+01:00

SubsystemVersion
4.0

OSVersion
4.0

FileCreateDate
2014:11:29 23:03:49+01:00

FileOS
Windows NT 32-bit

LegalCopyright
c 2003-2011 Jurgen Persson, George Hazan

MachineType
Intel 386 or later, and compatibles

CodeSize
177152

FileSubtype
0

ProductVersionNumber
0.9.21.0

EntryPoint
0x294c5

ObjectFileType
Executable application

Compressed bundles
File identification
MD5 4b76c01c410c1f2125eb1542df9aed9c
SHA1 40f27c914f4bc1946a02f3bbb42e73eaee5eea03
SHA256 c12f08c442aca776bcb4debe2073e8f038877002eedee98502f58d52381e6980
ssdeep
6144:f2tA6AdffBzrmDXqiVvvXfEIxNAMY0kkkkckkkkbkkkhkkWkzIDvsssssssrUvHa:f2q6A91iOiVvvDxyukkkkckkkkbkkkhb

authentihash a9d7c70079eee94e52ecc026ae434a9ba740dbaea6abcacae1317d4bc676728d
imphash 7ee1764bd480965177f8314bc4c92e81
File size 369.6 KB ( 378469 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (46.3%)
Miranda IM plugin (31.2%)
Win32 Dynamic Link Library (generic) (9.7%)
Win32 Executable (generic) (6.6%)
Generic Win/DOS Executable (2.9%)
Tags
armadillo pedll

VirusTotal metadata
First submission 2011-05-07 07:56:01 UTC ( 7 years, 11 months ago )
Last submission 2011-05-07 07:56:01 UTC ( 7 years, 11 months ago )
File names IRC protocol
IRC.dll
IRC.dll
FD471E4365D343BCC6D505DBC9276000EB7E5547.dll
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!