× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: d48c4826ec708a0581cf2a4455b500ee3830ef74e151f0e5888f5cc5b916a411
File name: apisetstub
Detection ratio: 0 / 69
Analysis date: 2019-02-11 01:29:21 UTC ( 1 month, 1 week ago )
Trusted source! This file belongs to the Microsoft Corporation software catalogue.
Antivirus Result Update
ALYac 20190211
AVG 20190211
Acronis 20190208
Ad-Aware 20190211
AegisLab 20190210
AhnLab-V3 20190210
Alibaba 20180921
Antiy-AVL 20190210
Arcabit 20190210
Avast 20190211
Avast-Mobile 20190210
Avira (no cloud) 20190210
Babable 20180918
Baidu 20190202
BitDefender 20190211
Bkav 20190201
CAT-QuickHeal 20190210
CMC 20190210
ClamAV 20190210
Comodo 20190211
CrowdStrike Falcon (ML) 20181023
Cylance 20190211
Cyren 20190211
DrWeb 20190211
ESET-NOD32 20190210
Emsisoft 20190211
Endgame 20181108
F-Prot 20190211
F-Secure 20190210
Fortinet 20190210
GData 20190210
Ikarus 20190210
Sophos ML 20181128
Jiangmin 20190211
K7AntiVirus 20190210
K7GW 20190210
Kaspersky 20190211
Kingsoft 20190211
MAX 20190211
Malwarebytes 20190211
McAfee 20190210
McAfee-GW-Edition 20190210
eScan 20190211
Microsoft 20190210
NANO-Antivirus 20190210
Palo Alto Networks (Known Signatures) 20190211
Panda 20190210
Qihoo-360 20190211
Rising 20190211
SUPERAntiSpyware 20190206
SentinelOne (Static ML) 20190203
Sophos AV 20190211
Symantec 20190210
TACHYON 20190211
Tencent 20190211
TheHacker 20190203
TotalDefense 20190210
Trapmine 20190123
TrendMicro 20190210
TrendMicro-HouseCall 20190211
Trustlook 20190211
VBA32 20190208
ViRobot 20190210
Webroot 20190211
Yandex 20190210
Zillya 20190208
ZoneAlarm by Check Point 20190211
Zoner 20190211
eGambit 20190211
Cybereason 20190109
Symantec Mobile Insight 20190207
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows command line subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
© Microsoft Corporation. All rights reserved.

Product Microsoft® Windows® Operating System
Original name apisetstub
Internal name apisetstub
File version 10.0.9904.0 (fbl_refactor.141207-1750)
Description ApiSet Stub DLL
Signature verification Signed file, verified signature
Signing date 5:33 AM 6/14/2016
Signers
[+] Microsoft Corporation
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer Microsoft Code Signing PCA
Valid from 04:42 PM 06/04/2015
Valid to 04:42 PM 09/04/2016
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint 3BDA323E552DB1FDE5F4FBEE75D6D5B2B187EEDC
Serial number 33 00 00 01 0A 2C 79 AE D7 79 7B A6 AC 00 01 00 00 01 0A
[+] Microsoft Code Signing PCA
Status Valid
Issuer Microsoft Root Certificate Authority
Valid from 09:19 PM 08/31/2010
Valid to 09:29 PM 08/31/2020
Valid usage All
Algorithm sha1RSA
Thumbprint 3CAF9BA2DB5570CAF76942FF99101B993888E257
Serial number 61 33 26 1A 00 00 00 00 00 31
[+] Microsoft Root Certificate Authority
Status Valid
Issuer Microsoft Root Certificate Authority
Valid from 10:19 PM 05/09/2001
Valid to 10:28 PM 05/09/2021
Valid usage All
Algorithm sha1RSA
Thumbprint CDD4EEAE6000AC7F40C3802C171E30148030C072
Serial number 79 AD 16 A1 4A A0 A5 AD 4C 73 58 F4 07 13 2E 65
Counter signers
[+] Microsoft Time-Stamp Service
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer Microsoft Time-Stamp PCA
Valid from 06:21 PM 03/30/2016
Valid to 06:21 PM 06/30/2017
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint C7C18D5C43BDA45B2E58186F2717CD1B2001FCAA
Serial number 33 00 00 00 9B E0 74 37 CB 3D 4D 8D 2E 00 00 00 00 00 9B
[+] Microsoft Time-Stamp PCA
Status Valid
Issuer Microsoft Root Certificate Authority
Valid from 11:53 AM 04/03/2007
Valid to 12:03 PM 04/03/2021
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 375FCB825C3DC3752A02E34EB70993B4997191EF
Serial number 61 16 68 34 00 00 00 00 00 1C
[+] Microsoft Root Certificate Authority
Status Valid
Issuer Microsoft Root Certificate Authority
Valid from 10:19 PM 05/09/2001
Valid to 10:28 PM 05/09/2021
Valid usage All
Algorithm sha1RSA
Thumbrint CDD4EEAE6000AC7F40C3802C171E30148030C072
Serial number 79 AD 16 A1 4A A0 A5 AD 4C 73 58 F4 07 13 2E 65
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-12-08 06:54:15
Number of sections 2
PE sections
Overlays
MD5 c24b46bd4af9a71211f5ff4da3facaab
File type data
Offset 3584
Size 16112
Entropy 7.42
PE exports
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
12.1

ImageVersion
10.0

FileSubtype
0

FileVersionNumber
10.0.9904.0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
ApiSet Stub DLL

ImageFileCharacteristics
Executable, 32-bit, DLL

CharacterSet
Unicode

InitializedDataSize
1024

EntryPoint
0x0000

OriginalFileName
apisetstub

MIMEType
application/octet-stream

LegalCopyright
Microsoft Corporation. All rights reserved.

FileVersion
10.0.9904.0 (fbl_refactor.141207-1750)

TimeStamp
2014:12:08 07:54:15+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
apisetstub

ProductVersion
10.0.9904.0

SubsystemVersion
10.0

OSVersion
10.0

FileOS
Windows NT 32-bit

Subsystem
Windows command line

MachineType
Intel 386 or later, and compatibles

CompanyName
Microsoft Corporation

CodeSize
1536

ProductName
Microsoft Windows Operating System

ProductVersionNumber
10.0.9904.0

FileTypeExtension
dll

ObjectFileType
Dynamic link library

CarbonBlack CarbonBlack acts as a surveillance camera for computers
Compressed bundles
File identification
MD5 ce1f93ac30a0031dd2d9c59f61110fd4
SHA1 bdc3d0ce8d64e135b863bfb8cd3afac1fe52da1e
SHA256 d48c4826ec708a0581cf2a4455b500ee3830ef74e151f0e5888f5cc5b916a411
ssdeep
192:KQWBhWE+FI/V9YOCAs/nGfe4pBjSz2Wm78RFAII1RHnhWgN7aMW+V8qnajYONGGO:jWBhWbyAA0GftpBjSERHRN7FV8lfgGiF

authentihash 95f1d2561438753e452ddd3965ba682174478eb06226a580a1b0a12ac61a77e7
File size 19.2 KB ( 19696 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (console) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
pedll signed trusted overlay

Trusted verdicts
This file belongs to the Microsoft Corporation software catalogue. The file is often found with api-ms-win-core-psapi-l1-1-0.dll as its name.
VirusTotal metadata
First submission 2016-07-01 20:15:28 UTC ( 2 years, 8 months ago )
Last submission 2016-07-01 20:15:28 UTC ( 2 years, 8 months ago )
File names fil7F2F3BC336466AFCF22DFAD2FBEB2ADA
api-ms-win-core-psapi-l1-1-0.dll
fil7238869F7C006FDA670F5DBC8084826C
filFF4F34735A8D01358A85D20BAF7D3F8E
filA207C0C9A8E41209D6BE014F127CEBDF
apisetstub
filC6E68E91F17E8244FD7048CD3080CF8E
api-ms-win-core-psapi-l1-1-0.dll
api-ms-win-core-psapi-l1-1-0.dll
filCDBA3AAA4037FDBD210A7F6D590F0AE0
filA086B58D4C943B301354616D37EED6D7
filB9FC89A71074896F2F384AA7C0977A0A
nav3685.tmp
fil9E4370B7F2420DD5AA828FCE953D97B3
filA2016484E37AEBC3FED0F21AC816277D
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!