SHA256: c729d9ab696a1d14eba27e7ee3d28d19cf2a83f6e3cd21e7a4f166b82727c97a
File name: GenericAskToolbar.dll
Detection ratio: 3 / 66
Analysis date: 2018-01-11 12:20:59 UTC ( 1 year, 3 months ago )
Antivirus Result Update
Bkav W32.HfsAdware.C75E 20180111
ESET-NOD32 a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe 20180111
Fortinet Riskware/Ask 20180111
Ad-Aware 20180111
AegisLab 20180111
AhnLab-V3 20180111
Alibaba 20180111
ALYac 20180111
Antiy-AVL 20180111
Arcabit 20180111
Avast 20180111
Avast-Mobile 20180111
AVG 20180111
Avira (no cloud) 20180111
AVware 20180103
Baidu 20180111
BitDefender 20180111
CAT-QuickHeal 20180111
ClamAV 20180111
CMC 20180111
Comodo 20180111
CrowdStrike Falcon (ML) 20171016
Cybereason 20171103
Cylance 20180111
Cyren 20180111
DrWeb 20180111
eGambit 20180111
Emsisoft 20180111
Endgame 20171130
F-Prot 20180111
F-Secure 20180111
GData 20180111
Ikarus 20180111
Sophos ML 20170914
Jiangmin 20180111
K7AntiVirus 20180111
K7GW 20180111
Kaspersky 20180111
Kingsoft 20180111
Malwarebytes 20180111
MAX 20180111
McAfee 20180110
McAfee-GW-Edition 20180111
Microsoft 20180111
eScan 20180111
NANO-Antivirus 20180111
nProtect 20180111
Palo Alto Networks (Known Signatures) 20180111
Panda 20180110
Qihoo-360 20180111
Rising 20180111
SentinelOne (Static ML) 20171224
Sophos AV 20180111
SUPERAntiSpyware 20180111
Symantec 20180111
Symantec Mobile Insight 20180111
Tencent 20180111
TheHacker 20180108
TotalDefense 20180111
TrendMicro 20180111
TrendMicro-HouseCall 20180111
Trustlook 20180111
VBA32 20180111
VIPRE 20180111
ViRobot 20180111
Webroot 20180111
Yandex 20180111
Zillya 20180111
ZoneAlarm by Check Point 20180111
Zoner 20180111
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright (c) Ask. All rights reserved.
Product Toolbar
Original name GenericAskToolbar.dll
Internal name GenericAskToolbar.dll
File version 5.15.18.37268
Description Avira SearchFree Toolbar
Signature verification Signed file, verified signature
Signing date 12:09 AM 2/9/2013
Signers
[+] Ask.com
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer VeriSign Class 3 Code Signing 2010 CA
Valid from 1:00 AM 6/20/2011
Valid to 12:59 AM 6/19/2014
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint 6A67AEA201E76B8957B837D5C20645B0243FDA7E
Serial number 09 65 F2 AC 72 36 C7 E1 BD CA 44 ED 13 9B 27 3A
[+] VeriSign Class 3 Code Signing 2010 CA
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 1:00 AM 2/8/2010
Valid to 12:59 AM 2/8/2020
Valid usage Client Auth, Code Signing
Algorithm sha1RSA
Thumbprint 495847A93187CFB8C71F840CB7B41497AD95C64F
Serial number 52 00 E5 AA 25 56 FC 1A 86 ED 96 C9 D4 4B 33 C7
[+] VeriSign
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 1:00 AM 11/8/2006
Valid to 12:59 AM 7/17/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm sha1RSA
Thumbprint 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
Serial number 18 DA D1 9E 26 7D E8 BB 4A 21 58 CD CC 6B 3B 4A
Counter signers
[+] Symantec Time Stamping Services Signer - G4
Status Valid
Issuer Symantec Time Stamping Services CA - G2
Valid from 1:00 AM 10/18/2012
Valid to 12:59 AM 12/30/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint 65439929B67973EB192D6FF243E6767ADF0834E4
Serial number 0E CF F4 38 C8 FE BF 35 6E 04 D8 6A 98 1B 1A 50
[+] Symantec Time Stamping Services CA - G2
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 12/21/2012
Valid to 12:59 AM 12/31/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint 6C07453FFDDA08B83707C09B82FB3D15F35336B1
Serial number 7E 93 EB FB 7C C6 4E 59 EA 4B 9A 77 D4 06 FC 3B
[+] Thawte Timestamping CA
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 1/1/1997
Valid to 12:59 AM 1/1/2021
Valid usage Timestamp Signing
Algorithm md5RSA
Thumbprint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-02-08 23:09:58
Entry Point 0x000C8295
Number of sections 5
PE sections
Overlays
MD5 f94a03caa83d1b7fa6c67099030ab22e
File type data
Offset 1513984
Size 7816
Entropy 7.28
PE imports
PE exports
Number of PE resources by type
RT_DIALOG 7
PNG 5
REGISTRY 3
RT_BITMAP 3
RT_HTML 1
RT_ICON 1
TYPELIB 1
RT_MANIFEST 1
RT_STRING 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 25
PE resources
Debug information
ExifTool file metadata
SubsystemVersion 5.0
LinkerVersion 9.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 5.15.18.37268
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Windows, Latin1
InitializedDataSize 507904
EntryPoint 0xc8295
OriginalFileName GenericAskToolbar.dll
MIMEType application/octet-stream
LegalCopyright (c) Ask. All rights reserved.
FileVersion 5.15.18.37268
TimeStamp 2013:02:09 00:09:58+01:00
FileType Win32 DLL
PEType PE32
InternalName GenericAskToolbar.dll
ProductVersion 5.15.18.37268
FileDescription Avira SearchFree Toolbar
OSVersion 5.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Ask
CodeSize 1005056
ProductName Toolbar
ProductVersionNumber 5.15.18.37268
FileTypeExtension dll
ObjectFileType Dynamic link library

Compressed bundles
File identification
MD5 c4171025d5473ff08e2822fde1a94b3a
SHA1 80e331e5e801068e6048db7a2ab2b55f0a3059ce
SHA256 c729d9ab696a1d14eba27e7ee3d28d19cf2a83f6e3cd21e7a4f166b82727c97a
ssdeep 24576:YrEZiHcdC7gkHWXlq/M8bpnTQCGfXkgI/Kof8ewxU+86/uPTsZTKmdJX:YrE20JkHgq/TJ10eeU+5GPTsZTBJX
authentihash 1f112831ddc6d68667e6972d385470da07991eb90545ebfd6ec7bce32f04b4b2
imphash 07cb5af0b35ec80454ec2abf3b8f92f5
File size 1.5 MB ( 1521800 bytes )
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit
TrID DirectShow filter (46.3%)
Windows ActiveX control (26.7%)
InstallShield setup (9.8%)
Win32 Executable MS Visual C++ (generic) (7.1%)
Win64 Executable (generic) (6.3%)
Tags pedll signed overlay
VirusTotal metadata
First submission 2013-03-11 09:49:18 UTC ( 6 years, 1 month ago )
Last submission 2015-07-28 19:37:43 UTC ( 3 years, 9 months ago )
File names genericasktoolbar.dll
GenericAskToolbar.dll