SHA256: c7861ebbb8d84227cc652572266fc1324abacc9b0dea1b45122813c5cc27a894
File name: b9b1db5a555b7739261055c15fc87e2a
Detection ratio: 0 / 69
Analysis date: 2018-11-24 12:51:46 UTC ( 5 months ago )
Antivirus Result Update
Ad-Aware 20181124
AegisLab 20181124
AhnLab-V3 20181124
Alibaba 20180921
ALYac 20181124
Antiy-AVL 20181124
Arcabit 20181124
Avast 20181124
Avast-Mobile 20181124
AVG 20181124
Avira (no cloud) 20181124
Babable 20180918
Baidu 20181123
BitDefender 20181124
Bkav 20181123
CAT-QuickHeal 20181123
ClamAV 20181124
CMC 20181124
Comodo 20181124
CrowdStrike Falcon (ML) 20181022
Cybereason 20180225
Cylance 20181124
Cyren 20181124
DrWeb 20181124
eGambit 20181124
Emsisoft 20181124
Endgame 20181108
ESET-NOD32 20181124
F-Prot 20181124
F-Secure 20181124
Fortinet 20181124
GData 20181124
Ikarus 20181124
Sophos ML 20181108
Jiangmin 20181124
K7AntiVirus 20181124
K7GW 20181124
Kaspersky 20181124
Kingsoft 20181124
Malwarebytes 20181124
MAX 20181124
McAfee 20181124
McAfee-GW-Edition 20181124
Microsoft 20181124
eScan 20181124
NANO-Antivirus 20181124
Palo Alto Networks (Known Signatures) 20181124
Panda 20181124
Qihoo-360 20181124
Rising 20181124
SentinelOne (Static ML) 20181011
Sophos AV 20181124
SUPERAntiSpyware 20181121
Symantec 20181123
Symantec Mobile Insight 20181121
TACHYON 20181124
Tencent 20181124
TheHacker 20181118
TotalDefense 20181124
Trapmine 20180918
TrendMicro 20181124
TrendMicro-HouseCall 20181124
Trustlook 20181124
VBA32 20181123
VIPRE 20181124
ViRobot 20181124
Webroot 20181124
Yandex 20181123
Zillya 20181123
ZoneAlarm by Check Point 20181124
Zoner 20181124
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Signature verification Signed file, verified signature
Signing date 9:49 PM 6/6/2013
Signers
[+] Valve
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer VeriSign Class 3 Code Signing 2010 CA
Valid from 1:00 AM 9/28/2012
Valid to 12:59 AM 11/24/2015
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint CB84B870FAB19BE50ACFD1663414488852B8934A
Serial number 47 A9 38 ED C7 AE AC 8D C7 1D CB B4 B4 F6 11 F8
[+] VeriSign Class 3 Code Signing 2010 CA
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 1:00 AM 2/8/2010
Valid to 12:59 AM 2/8/2020
Valid usage Client Auth, Code Signing
Algorithm sha1RSA
Thumbprint 495847A93187CFB8C71F840CB7B41497AD95C64F
Serial number 52 00 E5 AA 25 56 FC 1A 86 ED 96 C9 D4 4B 33 C7
[+] VeriSign
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 1:00 AM 11/8/2006
Valid to 12:59 AM 7/17/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm sha1RSA
Thumbprint 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
Serial number 18 DA D1 9E 26 7D E8 BB 4A 21 58 CD CC 6B 3B 4A
Counter signers
[+] Symantec Time Stamping Services Signer - G4
Status Valid
Issuer Symantec Time Stamping Services CA - G2
Valid from 1:00 AM 10/18/2012
Valid to 12:59 AM 12/30/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint 65439929B67973EB192D6FF243E6767ADF0834E4
Serial number 0E CF F4 38 C8 FE BF 35 6E 04 D8 6A 98 1B 1A 50
[+] Symantec Time Stamping Services CA - G2
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 12/21/2012
Valid to 12:59 AM 12/31/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint 6C07453FFDDA08B83707C09B82FB3D15F35336B1
Serial number 7E 93 EB FB 7C C6 4E 59 EA 4B 9A 77 D4 06 FC 3B
[+] Thawte Timestamping CA
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 1/1/1997
Valid to 12:59 AM 1/1/2021
Valid usage Timestamp Signing
Algorithm md5RSA
Thumbprint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-06-06 20:49:29
Entry Point 0x000A8147
Number of sections 4
PE sections
Overlays
MD5 a28e007cb30c6b913a416e4d2bc7869e
File type data
Offset 1106944
Size 7592
Entropy 7.35
PE imports
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
CreateToolhelp32Snapshot
GetLastError
IsValidCodePage
GetStdHandle
EnterCriticalSection
LCMapStringW
ReadFile
SetHandleCount
GetModuleFileNameW
GetConsoleCP
GetOEMCP
QueryPerformanceCounter
InitializeCriticalSectionAndSpinCount
HeapAlloc
TlsAlloc
FlushFileBuffers
GetEnvironmentStringsW
GetVersionExA
GetModuleFileNameA
RtlUnwind
GetFileAttributesW
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetCurrentProcessId
UnhandledExceptionFilter
SetFilePointer
WideCharToMultiByte
Module32First
TlsGetValue
MultiByteToWideChar
GetStartupInfoW
FreeEnvironmentStringsW
CreateDirectoryW
GetCommandLineA
GetProcAddress
GetProcessHeap
SetStdHandle
CompareStringW
GetTempPathA
RaiseException
GetCPInfo
RemoveDirectoryW
TlsFree
GetModuleHandleA
GetSystemTimeAsFileTime
FindNextFileW
WriteFileEx
SetUnhandledExceptionFilter
WriteFile
CloseHandle
IsProcessorFeaturePresent
DeleteFileW
FindFirstFileW
GetACP
GetStringTypeW
GetModuleHandleW
SetEnvironmentVariableA
IsDebuggerPresent
TerminateProcess
LoadLibraryW
InitializeCriticalSection
SetLastError
CreateFileW
VirtualQuery
FindClose
InterlockedDecrement
GetFileType
SetFileAttributesW
TlsSetValue
GetTickCount
GetCurrentThreadId
InterlockedIncrement
ExitProcess
SleepEx
WriteConsoleW
LeaveCriticalSection
GetWindowThreadProcessId
SetForegroundWindow
FindWindowExA
PostMessageA
PostThreadMessageA
cef_string_multimap_alloc
cef_string_utf8_cmp
cef_string_map_free
cef_initialize
cef_string_utf8_set
cef_request_create
cef_string_wide_clear
cef_string_multimap_append
cef_string_utf8_to_wide
cef_visit_url_cookies
cef_string_userfree_utf8_free
cef_string_list_size
cef_string_map_append
cef_string_list_copy
cef_string_list_value
cef_shutdown
cef_string_list_free
cef_post_task
cef_string_multimap_key
cef_string_multimap_size
cef_browser_create_sync
cef_set_cookie
cef_string_utf8_clear
cef_string_wide_to_utf8
cef_string_list_append
cef_string_map_key
cef_string_map_alloc
cef_string_map_value
cef_post_data_create
cef_do_message_loop_work
cef_build_revision
cef_string_multimap_value
cef_post_data_element_create
cef_string_map_size
cef_string_multimap_free
cef_string_list_alloc
?ExitScope@CVProfile@@QAEXXZ
?Set@CThreadEvent@@QAE_NXZ
g_cBadCycleCountReceived
?Start@CThread@@QAE_NI@Z
?Join@CThread@@QAE_NI@Z
?IsClaimed@CValidator@@QAE_NPAX@Z
??0CThreadEvent@@QAE@_N@Z
??1CThread@@UAE@XZ
??0CThread@@QAE@XZ
?Wait@CThreadSyncObject@@QAE_NI@Z
g_ClockSpeed
?Set@CThreadLocalBase@@QAEXPAX@Z
?IsAlive@CThread@@QAE_NXZ
?SetName@CThread@@QAEXPBD@Z
?Unlock@CThreadMutex@@QAEXXZ
?Pop@CValidator@@QAEXXZ
ThreadInterlockedAssignIf64
??1CThreadSyncObject@@QAE@XZ
g_VProfManager
AssertMsgImplementation
??0CThreadMutex@@QAE@XZ
?EnterScope@CVProfile@@QAE_NPBDH0_NHPAX@Z
ThreadSleep
Plat_IsInDebugSession
?Push@CValidator@@QAEXPBDPAX0@Z
?GetThreadProc@CThread@@EAEP6GIPAX@ZXZ
g_dwDllEntryThreadId
??1CThreadMutex@@QAE@XZ
g_VProfile
Plat_localtime
?IsThreadRunning@CThread@@MAE_NXZ
?MarkFrame@CVProfile@@QAEXPBD@Z
?Get@CThreadLocalBase@@QBEPAXXZ
?AddProfileForThread@CVProfManager@@QAEPAVCVProfileThreadEntry@@PAVCVProfile@@I@Z
Plat_FloatTime
Error
?ClaimArrayMemory@CValidator@@QAEXPAX@Z
?OnExit@CThread@@MAEXXZ
??1CThreadEvent@@QAE@XZ
?Init@CThread@@MAE_NXZ
?ClaimMemory@CValidator@@QAEXPAX@Z
g_VProfProfilesRunningCount
Warning
g_ulLastCycleSample
Plat_ExitProcess
CreateVProfile
WriteMiniDump
g_pMemAllocSteam
?Lock@CThreadMutex@@QAEXXZ
Q_snprintf
Q_StripFilename
Q_strncpy
?Q_stristr@@YAPBDPBD0@Z
Q_UTF16ToUTF8
Q_UTF32ToUTF8
Q_UTF8ToUTF16
Q_strnicmp
Q_MakeAbsolutePath
Q_UTF32ToUTF16
V_FixDoubleSlashes
PE exports
Debug information
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension dll
TimeStamp 2013:06:06 21:49:29+01:00
FileType Win32 DLL
PEType PE32
CodeSize 796160
LinkerVersion 10.0
ImageFileCharacteristics Executable, 32-bit, DLL
EntryPoint 0xa8147
InitializedDataSize 329216
SubsystemVersion 5.1
ImageVersion 0.0
OSVersion 5.1
UninitializedDataSize 0

Compressed bundles
File identification
MD5 c5c8c2bb002bcd580cdf3aa61d9ab6bf
SHA1 676f630c905dab8761c772d27fa301452c05a66f
SHA256 c7861ebbb8d84227cc652572266fc1324abacc9b0dea1b45122813c5cc27a894
ssdeep 24576:+qyuljDxqYZQy8IYXUBfsEnfOwGBlDT1s3lav:boYAIYEKoWwGBlDT2lav
authentihash 6f0e84983348b2eee4de1ae3723342f6da8c9af903367c58ec801376694e7b69
imphash d2337b548fbf0b9578ba8a6fe66dd456
File size 1.1 MB ( 1114536 bytes )
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit
TrID OS/2 Executable (generic) (33.6%)
Generic Win/DOS Executable (33.1%)
DOS Executable Generic (33.1%)
Tags pedll signed overlay
VirusTotal metadata
First submission 2013-06-07 16:23:44 UTC ( 5 years, 10 months ago )
Last submission 2014-02-17 05:53:57 UTC ( 5 years, 2 months ago )
File names chromehtml.dll
b9b1db5a555b7739261055c15fc87e2a