SHA256: d1fccf64a12e491b63b8c96c1dd123b6e3912d52e88d4a0489a2a89f86a543f1
File name: fd76f3edc765e6c5971eab6c070b0963
Detection ratio: 8 / 67
Analysis date: 2018-06-06 14:02:05 UTC ( 6 months, 2 weeks ago )
Antivirus Result Update
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9991 20180606
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180530
Cylance Unsafe 20180606
Endgame malicious (high confidence) 20180507
ESET-NOD32 a variant of Win64/Kryptik.BKA 20180606
Fortinet W64/Kryptik.BID!tr 20180606
Ikarus Trojan.Win64.Krypt 20180606
Sophos ML heuristic 20180601
Ad-Aware 20180606
AegisLab 20180606
AhnLab-V3 20180606
Alibaba 20180606
ALYac 20180606
Antiy-AVL 20180606
Arcabit 20180606
Avast 20180606
Avast-Mobile 20180606
AVG 20180606
Avira (no cloud) 20180606
AVware 20180606
Babable 20180406
BitDefender 20180606
Bkav 20180606
CAT-QuickHeal 20180606
ClamAV 20180606
CMC 20180606
Comodo 20180606
Cybereason 20180225
Cyren 20180606
DrWeb 20180606
eGambit 20180606
Emsisoft 20180606
F-Prot 20180606
F-Secure 20180606
GData 20180606
Jiangmin 20180606
K7AntiVirus 20180606
K7GW 20180606
Kaspersky 20180606
Kingsoft 20180606
Malwarebytes 20180606
MAX 20180606
McAfee 20180606
McAfee-GW-Edition 20180606
Microsoft 20180606
eScan 20180606
NANO-Antivirus 20180606
Palo Alto Networks (Known Signatures) 20180606
Panda 20180606
Qihoo-360 20180606
Rising 20180606
SentinelOne (Static ML) 20180225
Sophos AV 20180606
SUPERAntiSpyware 20180606
Symantec 20180606
Symantec Mobile Insight 20180605
TACHYON 20180605
Tencent 20180606
TheHacker 20180606
TotalDefense 20180606
TrendMicro 20180606
TrendMicro-HouseCall 20180606
Trustlook 20180606
VBA32 20180606
VIPRE 20180606
ViRobot 20180605
Webroot 20180606
Yandex 20180529
Zillya 20180605
ZoneAlarm by Check Point 20180606
Zoner 20180606
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows command line subsystem that targets 64bit architectures.
FileVersionInfo properties
Copyright © Microsoft Corporation. All rights reserved.
Product Microsoft® Windows® Operating System
Original name comcat.dll
Internal name comcat.dll
File version 6.3.9600.17415 (winblue_r4.141028-1500)
Description Microsoft Component Category Manager Library
PE header basic information
Target machine x64
Compilation timestamp 2018-06-06 12:00:27
Entry Point 0x000015C0
Number of sections 7
PE sections
PE imports
GetSidLengthRequired
ImmSetCompositionWindow
GetProductInfo
ReleaseSemaphore
GetLargePageMinimum
GetModuleHandleA
GetModuleFileNameW
LocalFileTimeToFileTime
ExitProcess
DeleteTimerQueueEx
GetCurrentThreadId
GetBinaryTypeA
LZInit
MprConfigInterfaceTransportGetHandle
VarCyFromBool
VarCyFromI2
VarBstrFromI4
NdrPointerFree
SHRegGetPathW
wsprintfA
SendMessageTimeoutA
GetMenuItemID
ImpersonateDdeClientWindow
CLIPFORMAT_UserUnmarshal
ProgIDFromCLSID
FaultInIEFeature
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
ExifTool file metadata
SubsystemVersion 5.0
LinkerVersion 12.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 6.3.9600.17415
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 36864
EntryPoint 0x15c0
OriginalFileName comcat.dll
MIMEType application/octet-stream
LegalCopyright Microsoft Corporation. All rights reserved.
FileVersion 6.3.9600.17415 (winblue_r4.141028-1500)
TimeStamp 2018:06:06 13:00:27+01:00
FileType Win64 DLL
PEType PE32+
InternalName comcat.dll
ProductVersion 6.3.9600.17415
FileDescription Microsoft Component Category Manager Library
OSVersion 5.0
FileOS Windows NT 32-bit
Subsystem Windows command line
MachineType AMD AMD64
CompanyName Microsoft Corporation
CodeSize 606208
ProductName Microsoft Windows Operating System
ProductVersionNumber 6.3.9600.17415
FileTypeExtension dll
ObjectFileType Dynamic link library
File identification
MD5 fd76f3edc765e6c5971eab6c070b0963
SHA1 61d453107c782070951aab455e7a72619823be12
SHA256 d1fccf64a12e491b63b8c96c1dd123b6e3912d52e88d4a0489a2a89f86a543f1
ssdeep 6144:NTxs/WizbYYfSDEoCKgbd7h0xrgTAkK7HuwzfV4v0RU0SDHstcOZ6dvJ8lRWTJX:PTEN3Rarg8kKLuoVBU0SDJOZNWV
authentihash 1f215532212d15e78d83e9da0c8cd13ada09370fb25fab9f02456d54cba5d67f
imphash 193994097e827b8a7cc13f89827fc319
File size 624.0 KB ( 638976 bytes )
File type Win32 DLL
Magic literal PE32+ executable for MS Windows (DLL) (console) Mono/.Net assembly
TrID OS/2 Executable (generic) (33.6%)
Generic Win/DOS Executable (33.1%)
DOS Executable Generic (33.1%)
Tags 64bits assembly pedll
VirusTotal metadata
First submission 2018-06-06 14:02:05 UTC ( 6 months, 2 weeks ago )
Last submission 2018-06-29 14:01:25 UTC ( 5 months, 3 weeks ago )
File names comcat.dll