× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: c3781a1bce2832fef2ab528949d4191011fe6581c4a911f08da45736a36d8eb6
File name: libxml2-2.dll
Detection ratio: 0 / 66
Analysis date: 2018-07-31 23:52:55 UTC ( 9 months, 3 weeks ago )
Antivirus Result Update
Ad-Aware 20180731
AegisLab 20180731
AhnLab-V3 20180731
Alibaba 20180713
ALYac 20180801
Antiy-AVL 20180801
Arcabit 20180801
Avast 20180730
Avast-Mobile 20180730
AVG 20180730
Avira (no cloud) 20180731
AVware 20180727
Babable 20180725
Baidu 20180731
BitDefender 20180731
Bkav 20180731
CAT-QuickHeal 20180728
ClamAV 20180731
CMC 20180731
Comodo 20180731
CrowdStrike Falcon (ML) 20180723
Cybereason 20180225
Cylance 20180801
Cyren 20180731
DrWeb 20180731
eGambit 20180801
Emsisoft 20180731
Endgame 20180730
ESET-NOD32 20180731
F-Prot 20180731
F-Secure 20180731
Fortinet 20180801
GData 20180731
Ikarus 20180731
Sophos ML 20180717
Jiangmin 20180801
K7AntiVirus 20180731
K7GW 20180801
Kaspersky 20180731
Kingsoft 20180801
Malwarebytes 20180801
MAX 20180801
McAfee 20180731
McAfee-GW-Edition 20180731
eScan 20180731
NANO-Antivirus 20180731
Palo Alto Networks (Known Signatures) 20180801
Panda 20180731
Qihoo-360 20180801
Rising 20180731
SentinelOne (Static ML) 20180701
Sophos AV 20180731
SUPERAntiSpyware 20180731
Symantec 20180731
Symantec Mobile Insight 20180728
TACHYON 20180731
Tencent 20180801
TheHacker 20180730
TotalDefense 20180731
TrendMicro 20180731
TrendMicro-HouseCall 20180731
Trustlook 20180801
VBA32 20180731
VIPRE 20180731
ViRobot 20180731
Webroot 20180801
Yandex 20180731
Zillya 20180731
ZoneAlarm by Check Point 20180731
Zoner 20180731
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows command line subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Entry Point 0x00001400
Number of sections 10
PE sections
Overlays
MD5 fc6443856fd0eef111abbd29ef7796e3
File type data
Offset 1366528
Size 6054
Entropy 4.32
PE imports
GetLastError
EnterCriticalSection
ReleaseMutex
WaitForSingleObject
FreeLibrary
QueryPerformanceCounter
GetTickCount
TlsAlloc
VirtualProtect
GetVersionExA
LoadLibraryA
DeleteCriticalSection
GetCurrentProcess
GetCurrentProcessId
UnhandledExceptionFilter
MultiByteToWideChar
GetProcAddress
CreateMutexA
IsDBCSLeadByteEx
WideCharToMultiByte
TlsFree
GetModuleHandleA
SetUnhandledExceptionFilter
CloseHandle
GetSystemTimeAsFileTime
GetSystemDirectoryA
GetModuleHandleW
TerminateProcess
InitializeCriticalSection
VirtualQuery
TlsGetValue
Sleep
TlsSetValue
GetCurrentThreadId
LeaveCriticalSection
htonl
ioctlsocket
WSAStartup
connect
getsockname
htons
WSASetLastError
WSAGetLastError
getsockopt
closesocket
inet_addr
send
getservbyport
ntohs
select
gethostbyaddr
listen
__WSAFDIsSet
WSACleanup
gethostbyname
inet_ntoa
recv
socket
bind
getservbyname
__divdi3
__umoddi3
__udivdi3
__deregister_frame_info
__register_frame_info
libiconv
libiconv_open
libiconv_close
strncmp
rand
malloc
getc
srand
toupper
setlocale
isxdigit
_getcwd
fread
fclose
strcat
__dllonexit
abort
fprintf
_open
strtoul
fflush
fopen
strlen
strncpy
_amsg_exit
fputc
strtol
_errno
fwrite
_lock
_dup
_onexit
wcslen
exit
sprintf
_fileno
__setusermatherr
log10
isspace
_close
strchr
memset
tolower
_unlock
ferror
memcmp
free
getenv
_stati64
ungetc
atoi
vfprintf
_wfopen
calloc
_write
realloc
memcpy
_wstati64
memmove
_read
_wopen
strerror
strcmp
strcpy
time
__mb_cur_max
islower
_initterm
isupper
localeconv
memchr
_iob
inflateInit2_
inflateEnd
gzdopen
gzwrite
gzclose
deflateEnd
gzdirect
deflate
deflateInit2_
crc32
gzread
inflate
gzopen
PE exports
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows command line

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
dll

TimeStamp
0000:00:00 00:00:00

FileType
Win32 DLL

PEType
PE32

CodeSize
955904

LinkerVersion
2.25

EntryPoint
0x1400

InitializedDataSize
1365504

SubsystemVersion
4.0

ImageVersion
1.0

OSVersion
4.0

UninitializedDataSize
7680

Compressed bundles
File identification
MD5 bfbef1361dcc2f47dfb29797bac2f4c7
SHA1 c6d5e8b583414b1018c771dceeb852fd769e3813
SHA256 c3781a1bce2832fef2ab528949d4191011fe6581c4a911f08da45736a36d8eb6
ssdeep
24576:1RV3ZVF7RHXlyFiDn2RxAC/GbktBcOmZQ4SMF6H366MQplrXA:p3ZVF7RVyIDnVUGKnmZQ4SMF0x58

authentihash 7bed6ba5fcfb24bf48d582f7a40d3005c71229a2a1a930c77cc444acade5f448
imphash 14855ddec4493e46c21ddc0a8ec384be
File size 1.3 MB ( 1372582 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (console) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags
pedll overlay

VirusTotal metadata
First submission 2015-10-07 10:25:15 UTC ( 3 years, 7 months ago )
Last submission 2018-05-24 01:46:11 UTC ( 12 months ago )
File names libxml2-2.dll
libxml2-2.dll
libxml2-2.dll
libxml2-2.dll
libxml2-2.dll
libxml2-2.dll
C3781A1BCE2832FEF2AB528949D4191011FE6581C4A911F08DA45736A36D8EB6
libxml2-2.dll
libxml2-2.dll
libxml2-2.dll
C3781A1BCE2832FEF2AB528949D4191011FE6581C4A911F08DA45736A36D8EB6
libxml2-2.dll
libxml2-2.dll
libxml2-2.dll
libxml2-2.dll
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!