SHA256: c6d838b4f4635bdc23f12cb0961cbf2ed7d8358eb7259c71946aa2d3cdd816cf
File name: 2.dll
Detection ratio: 3 / 57
Analysis date: 2015-02-13 14:08:26 UTC ( 2 years, 7 months ago )
Antivirus Result Update
Bkav HW32.Packed.D950 20150213
ESET-NOD32 a variant of Win32/Kryptik.CYKH 20150213
McAfee Downloader-FAPL!6693F0093A2D 20150213
Ad-Aware 20150213
AegisLab 20150213
Yandex 20150212
AhnLab-V3 20150213
Alibaba 20150213
ALYac 20150214
Antiy-AVL 20150213
Avast 20150213
AVG 20150214
Avira (no cloud) 20150213
AVware 20150213
Baidu-International 20150213
BitDefender 20150213
ByteHero 20150213
CAT-QuickHeal 20150213
ClamAV 20150213
CMC 20150211
Comodo 20150213
Cyren 20150213
DrWeb 20150213
Emsisoft 20150213
F-Prot 20150213
F-Secure 20150213
Fortinet 20150213
GData 20150213
Ikarus 20150213
Jiangmin 20150212
K7AntiVirus 20150213
K7GW 20150213
Kaspersky 20150213
Kingsoft 20150213
Malwarebytes 20150213
McAfee-GW-Edition 20150213
Microsoft 20150213
eScan 20150213
NANO-Antivirus 20150213
Norman 20150213
nProtect 20150213
Panda 20150213
Qihoo-360 20150213
Rising 20150213
Sophos AV 20150213
SUPERAntiSpyware 20150213
Symantec 20150214
Tencent 20150213
TheHacker 20150212
TotalDefense 20150213
TrendMicro 20150214
TrendMicro-HouseCall 20150214
VBA32 20150213
VIPRE 20150213
ViRobot 20150213
Zillya 20150213
Zoner 20150213
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows command line subsystem.
FileVersionInfo properties
Copyright Copyright 1999-2006, Intel Corporation
Product Intel(R) Common User Interface
Original name IGFXRES.DLL
Internal name IGFXRES
File version 6.15.10.5402
Description igfxres Module
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-02-13 12:14:31
Entry Point 0x00005390
Number of sections 4
PE sections
PE imports
ClusterNetworkEnum
GetClusterInformation
ClusterRegGetKeySecurity
SetBkColor
LocalCompact
VerLanguageNameA
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
CopyFileW
SystemTimeToFileTime
LCMapStringW
GetModuleFileNameW
EndUpdateResourceW
WaitForSingleObject
GetLargestConsoleWindowSize
GetDriveTypeA
IsDebuggerPresent
FindNextFileW
ActivateActCtx
CallNamedPipeA
FatalAppExitA
IsDBCSLeadByte
EndUpdateResourceA
RemoveDirectoryA
WinExec
QueryPerformanceFrequency
GlobalSize
GetDevicePowerState
AttachConsole
CreateActCtxA
CommConfigDialogW
MapViewOfFileEx
WriteTapemark
GetWindowsDirectoryA
GetCPInfoExA
FindFirstVolumeA
VerifyVersionInfoW
QueryActCtxW
GetConsoleTitleA
SetThreadAffinityMask
GetProcAddress
GetPrivateProfileIntW
InterlockedCompareExchange
HeapWalk
ReadFileScatter
OpenMutexA
lstrcpyA
RegisterWaitForSingleObject
WriteFile
RequestWakeupLatency
GetFileAttributesA
WaitForDebugEvent
WriteConsoleOutputA
HeapUnlock
SetComputerNameW
EnumSystemLanguageGroupsA
WriteFileEx
InterlockedExchange
GetTempPathW
EnumCalendarInfoA
EnumSystemCodePagesW
GetVolumeNameForVolumeMountPointW
SwitchToFiber
lstrcpynA
ReleaseActCtx
SetThreadIdealProcessor
CreateConsoleScreenBuffer
GetModuleHandleW
FindActCtxSectionStringW
SetVolumeLabelW
GetOEMCP
ConnectNamedPipe
GetExitCodeThread
ReadConsoleOutputW
ReadDirectoryChangesW
SetComputerNameExA
OpenSemaphoreA
FillConsoleOutputCharacterA
GlobalAlloc
WriteConsoleOutputCharacterA
TransactNamedPipe
GetProfileIntA
GetFileAttributesExA
GetTickCount
GetCurrentThreadId
ReadConsoleOutputA
MprAdminMIBEntrySet
MprConfigTransportGetInfo
GetErrorInfo
Shell_NotifyIconW
DuplicateIcon
SHFreeNameMappings
SHGetFileInfoW
ExtractAssociatedIconW
GetLastActivePopup
IsCharUpperW
RemovePropW
GetClassLongA
MoveWindow
strncmp
sscanf
tolower
iswctype
wcstok
fprintf
memset
iswlower
memcpy
iscntrl
wcsspn
isdigit
atoi
wcsncat
vprintf
putwc
strcmp
strncpy
VerSetConditionMask
PdhGetDataSourceTimeRangeA
PdhBrowseCountersW
PdhGetFormattedCounterArrayW
PdhGetCounterInfoW
PdhAddCounterA
CreateURLMonikerEx
GetClassFileOrMime
Number of PE resources by type
RT_STRING 37
RT_DIALOG 1
RT_VERSION 1
Number of PE resources by language
HUNGARIAN DEFAULT 39
PE resources
ExifTool file metadata
SubsystemVersion 4.0
InitializedDataSize 14336
ImageVersion 0.233
ProductName Intel(R) Common User Interface
FileVersionNumber 6.15.10.5402
UninitializedDataSize 2988420930
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Unicode
LinkerVersion 0.159
FileTypeExtension dll
OriginalFileName IGFXRES.DLL
MIMEType application/octet-stream
Subsystem Windows command line
FileVersion 6.15.10.5402
TimeStamp 2015:02:13 13:14:31+01:00
FileType Win32 DLL
PEType PE32
InternalName IGFXRES
ProductVersion 6.15.10.5402
FileDescription igfxres Module
OSVersion 5.0
FileOS Win32
LegalCopyright Copyright 1999-2006, Intel Corporation
MachineType Intel 386 or later, and compatibles
CompanyName Intel Corporation
CodeSize 271872
FileSubtype 0
ProductVersionNumber 6.15.10.5402
EntryPoint 0x5390
ObjectFileType Dynamic link library

File identification
MD5 6693f0093a2d6740149de5d6e950f6c6
SHA1 741626769fbd626126789b7445bf7de7d15f98eb
SHA256 c6d838b4f4635bdc23f12cb0961cbf2ed7d8358eb7259c71946aa2d3cdd816cf
ssdeep 6144:GbQooLP71RYJo4mVRfL5hTyJQTIe/9cez/TvLKN/nqO:GS71RYJKhTyJQUUcUTv6V
authentihash 7c7fccd8aa6c1b2634baad66d17739fab3c378ecb035ec31526d740bab276125
imphash ce3778571278ab7a295949f5af5d8fb8
File size 286.0 KB ( 292864 bytes )
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (console) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Tags pedll
VirusTotal metadata
First submission 2015-02-13 14:08:26 UTC ( 2 years, 7 months ago )
Last submission 2016-09-03 04:22:05 UTC ( 1 year ago )
File names IGFXRES.DLL
bot_x32_6693f0093a2d6740149de5d6e950f6c6.dll.bin
2.dll
VirusShare_6693f0093a2d6740149de5d6e950f6c6
IGFXRES
2.tmp
XByohWsuY.rtf
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight