× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: d2d9d799680311a7915553c6cca140e018d5371a2ab8a6d38187fcf505beac35
File name: 39A9C31900B8BC26AED703469BC78C00EC3D2F2B.ax
Detection ratio: 0 / 41
Analysis date: 2010-01-05 19:36:51 UTC ( 4 years, 6 months ago ) View latest
Probably harmless! There are strong indicators suggesting that this file is safe to use.
Antivirus Result Update
AVG 20100104
AhnLab-V3 20100105
AntiVir 20091231
Antiy-AVL 20100105
Authentium 20100105
Avast 20100105
BitDefender 20100105
CAT-QuickHeal 20100105
ClamAV 20100105
Comodo 20100105
DrWeb 20100105
F-Prot 20100105
F-Secure 20100105
Fortinet 20100105
GData 20100105
Ikarus 20100105
Jiangmin 20100105
K7AntiVirus 20100105
Kaspersky 20100105
McAfee 20100105
McAfee+Artemis 20100105
McAfee-GW-Edition 20100105
Microsoft 20100105
NOD32 20100105
Norman 20100105
PCTools 20100105
Panda 20100105
Prevx 20100105
Rising 20100105
Sophos 20100105
Sunbelt 20100105
Symantec 20100105
TheHacker 20100105
TrendMicro 20100105
VBA32 20100105
ViRobot 20100105
VirusBuster 20100105
a-squared 20100105
eSafe 20100105
eTrust-Vet 20100105
nProtect 20100105
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
Authenticode signature block
Copyright
Copyright © 2003-2008 Milenko Mitrovic

Publisher http://www.dsp-worx.de
Product DC-Bass Source
Original name DCBassSource.ax
Internal name DCBassSource.ax
File version 1.2.0.0
Description DirectShow? Audio Decoder
Packers identified
F-PROT UPX_LZMA
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1992-06-19 22:22:17
Link date 11:22 PM 6/19/1992
Entry Point 0x000AB970
Number of sections 3
PE sections
PE imports
VirtualProtect
VirtualFree
LoadLibraryA
VirtualAlloc
GetProcAddress
RegCloseKey
ImageList_Add
SaveDC
IsEqualGUID
VariantCopy
ShellExecuteA
VerQueryValueA
PE exports
Number of PE resources by type
RT_STRING 15
RT_BITMAP 13
RT_GROUP_CURSOR 8
RT_CURSOR 8
RT_RCDATA 4
RT_DIALOG 2
RT_VERSION 1
PNG 1
Number of PE resources by language
ENGLISH US 27
NEUTRAL 22
GERMAN 3
ExifTool file metadata
SubsystemVersion
4.0

InitializedDataSize
8192

ImageVersion
0.0

ProductName
DC-Bass Source

FileVersionNumber
1.2.0.0

UninitializedDataSize
466944

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Windows, Latin1

LinkerVersion
2.25

OriginalFilename
DCBassSource.ax

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
1.2.0.0

TimeStamp
1992:06:19 23:22:17+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
DCBassSource.ax

FileAccessDate
2014:04:24 05:33:11+01:00

ProductVersion
1.2.0.0

FileDescription
DirectShow Audio Decoder

OSVersion
4.0

FileCreateDate
2014:04:24 05:33:11+01:00

FileOS
Win32

LegalCopyright
Copyright 2003-2008 Milenko Mitrovic

MachineType
Intel 386 or later, and compatibles

CompanyName
http://www.dsp-worx.de

CodeSize
237568

FileSubtype
0

ProductVersionNumber
1.2.0.0

EntryPoint
0xab970

ObjectFileType
Dynamic link library

Compressed bundles
File identification
MD5 e0177c5e084cae9e30097b1ed0894e15
SHA1 492a46e4d6b3d73d9ea7cd6a53aa9d1a35f7a14a
SHA256 d2d9d799680311a7915553c6cca140e018d5371a2ab8a6d38187fcf505beac35
ssdeep
6144:kDpZ8tQ88HtyLchifDrusdqu6AlqlvMP/q847oS:qr2FOtt0HxvqlQDsoS

imphash eb944a7ad161c47bd1bf74545dc2cdae
File size 235.5 KB ( 241152 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID UPX compressed Win32 Executable (41.1%)
Win32 EXE Yoda's Crypter (35.7%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Win16/32 Executable Delphi generic (2.7%)
Tags
pedll

VirusTotal metadata
First submission 2008-12-06 13:21:39 UTC ( 5 years, 7 months ago )
Last submission 2013-06-15 08:12:30 UTC ( 1 year ago )
File names DCBassSource.ax
d2d9d799680311a7915553c6cca140e018d5371a2ab8a6d38187fcf505beac35
file-2373115_ax
smona132518881073010536662
DCBassSource_e0177c5e084cae9e30097b1ed0894e15_55824.ax_
E0177C5E084CAE9E30097B1ED0894E15
smona_d2d9d799680311a7915553c6cca140e018d5371a2ab8a6d38187fcf505beac35.bin
39A9C31900B8BC26AED703469BC78C00EC3D2F2B.ax
smona131454477951284607859
DCBassSource.ax
file-3035399_ax
492a46e4d6b3d73d9ea7cd6a53aa9d1a35f7a14a
DCBassSource.ax
smona132345198851413189453
DPYWAOXLES-773.pms.ax.SVD
Advanced heuristic and reputation engines
ClamAV PUA
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: http://www.clamav.net/index.php?s=pua&lang=en .

Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!