SHA256: c5ea3f1f316b7a6e78fd5aafcdfba9844b8f73314802fce8a73079ecfc43941e
File name: B82B716C6.cpp.kaf
Detection ratio: 4 / 54
Analysis date: 2015-01-23 21:47:27 UTC ( 3 years, 8 months ago )
Antivirus Result Update
Bkav HW32.Packed.39A6 20150123
ESET-NOD32 a variant of Win32/Kryptik.CWDA 20150123
Malwarebytes Trojan.FakeMS.ED 20150123
Qihoo-360 HEUR/QVM40.1.Malware.Gen 20150123
Ad-Aware 20150123
AegisLab 20150123
Yandex 20150122
AhnLab-V3 20150123
Alibaba 20150120
ALYac 20150123
Antiy-AVL 20150123
Avast 20150123
AVG 20150123
Avira (no cloud) 20150123
AVware 20150123
Baidu-International 20150123
BitDefender 20150123
ByteHero 20150123
CAT-QuickHeal 20150123
CMC 20150120
Comodo 20150123
Cyren 20150123
DrWeb 20150123
F-Prot 20150123
F-Secure 20150123
Fortinet 20150121
GData 20150123
Ikarus 20150123
Jiangmin 20150123
K7AntiVirus 20150123
Kaspersky 20150123
Kingsoft 20150123
McAfee 20150123
McAfee-GW-Edition 20150123
Microsoft 20150123
eScan 20150123
NANO-Antivirus 20150123
Norman 20150123
nProtect 20150123
Panda 20150123
Rising 20150123
Sophos AV 20150123
SUPERAntiSpyware 20150123
Symantec 20150123
Tencent 20150123
TheHacker 20150123
TotalDefense 20150123
TrendMicro 20150123
TrendMicro-HouseCall 20150123
VBA32 20150123
VIPRE 20150123
ViRobot 20150123
Zillya 20150122
Zoner 20150123
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright © Microsoft Corporation. All rights reserved.
Publisher Microsoft Corporation
Product Microsoft® Windows® Operating System
Original name MSOERT2.DLL
Internal name MSOERT2
File version 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)
Description Microsoft Outlook Express RT Lib
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-01-23 16:52:51
Entry Point 0x000071B7
Number of sections 4
PE sections
PE imports
lstrcmpW
MoveFileW
GetLocalTime
WNetGetNetworkInformationA
WNetOpenEnumW
WNetGetUniversalNameW
WNetGetNetworkInformationW
WNetDisconnectDialog
WNetGetLastErrorW
WNetDisconnectDialog1A
WNetUseConnectionW
SetupDiBuildClassInfoList
SetupQueueCopyIndirectA
SetupDiOpenDeviceInterfaceA
SetupDiGetSelectedDriverA
SetupRemoveFileLogEntryW
SetupDiGetSelectedDevice
SetupDiOpenDeviceInfoW
SetupGetMultiSzFieldW
SetupCopyOEMInfA
SetupDiGetClassImageListExW
SetupQueryInfOriginalFileInformationA
SetupQueueCopySectionA
SetupDiBuildClassInfoListExW
SetupDiGetHwProfileListExW
SetupDiDeleteDeviceInfo
SetupQueryInfOriginalFileInformationW
SetupOpenInfFileA
SetupQuerySourceListA
SetupDiSetClassInstallParamsA
SetupGetLineTextW
SetupDiGetDeviceInstallParamsA
SetupDiInstallClassExW
SetupDiSetDeviceInstallParamsA
SetupDiGetClassDevsA
SetupDiCreateDeviceInfoA
SetupDefaultQueueCallbackA
SetupDiAskForOEMDisk
SetupLogErrorA
SetupIterateCabinetW
SetupCreateDiskSpaceListA
SetupDiCreateDeviceInterfaceRegKeyA
SetupPromptReboot
SetupDiClassNameFromGuidExW
SetupInstallFileExA
SetupDiCreateDeviceInfoList
SetupAddInstallSectionToDiskSpaceListA
PathFindFileNameW
GetActiveWindow
PE exports
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
ExifTool file metadata
UninitializedDataSize: 0
InitializedDataSize: 217088
ImageVersion: 0.0
ProductName: Microsoft Windows Operating System
FileVersionNumber: 6.0.3790.3959
LanguageCode: English (U.S.)
FileFlagsMask: 0x003f
FileDescription: Microsoft Outlook Express RT Lib
CharacterSet: Unicode
LinkerVersion: 6.0
FileTypeExtension: dll
OriginalFileName: MSOERT2.DLL
MIMEType: application/octet-stream
Subsystem: Windows GUI
FileVersion: 6.00.3790.3959 (srv03_sp2_rtm.070216-1710)
TimeStamp: 2015:01:23 17:52:51+01:00
FileType: Win32 DLL
PEType: PE32
InternalName: MSOERT2
ProductVersion: 6.00.3790.3959
SubsystemVersion: 4.0
OSVersion: 4.0
FileOS: Windows NT 32-bit
LegalCopyright: Microsoft Corporation. All rights reserved.
MachineType: Intel 386 or later, and compatibles
CompanyName: Microsoft Corporation
CodeSize: 28672
FileSubtype: 0
ProductVersionNumber: 6.0.3790.3959
EntryPoint: 0x71b7
ObjectFileType: Dynamic link library

File identification
MD5 f9385217a5c03ecf9136ceca7e7d03d2
SHA1 225122d8a6772fe677cdc2c30d637e5ea8faed9e
SHA256 c5ea3f1f316b7a6e78fd5aafcdfba9844b8f73314802fce8a73079ecfc43941e
ssdeep 3072:mNjYXzWySJXOOxs2Nf+U5tHLNnPnXlC4tHkxoskocIcZrTHUb:mN8S+e7fDt5n/3kxPkoc5rI
authentihash 72227ac10da4f681a8850bdf1f1b7eeee127393e0d0bf40cbf0053fb873feffe
imphash 07d1cebd39546c0449c7f4cbd1adb0e2
File size 180.0 KB ( 184320 bytes )
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags pedll

VirusTotal metadata
First submission 2015-01-23 21:47:27 UTC ( 3 years, 8 months ago )
Last submission 2015-02-02 16:58:45 UTC ( 3 years, 7 months ago )
File names f9385217a5c03ecf9136ceca7e7d03d2
vt-upload-5rVXv5
MSOERT2
316D70D5F.cpp
49C5C5F28.cpp
vti-rescan
B82B716C6.cpp.kaf
vt-upload-7HYxCh
MSOERT2.DLL
c5ea3f1f316b7a6e78fd5aafcdfba9844b8f73314802fce8a73079ecfc43941e