× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: d6cad84d8ddc4581c67e1915b74bc178e48199811988de95d46c915dace3fc9b
File name: qtiff4.dll
Detection ratio: 0 / 64
Analysis date: 2017-07-28 02:24:34 UTC ( 1 year, 8 months ago )
Antivirus Result Update
Ad-Aware 20170728
AegisLab 20170728
AhnLab-V3 20170728
Alibaba 20170727
ALYac 20170728
Antiy-AVL 20170728
Arcabit 20170728
Avast 20170728
AVG 20170728
Avira (no cloud) 20170727
AVware 20170728
Baidu 20170727
BitDefender 20170728
Bkav 20170727
CAT-QuickHeal 20170727
ClamAV 20170728
CMC 20170728
Comodo 20170727
CrowdStrike Falcon (ML) 20170710
Cylance 20170728
Cyren 20170728
DrWeb 20170728
Emsisoft 20170728
Endgame 20170721
ESET-NOD32 20170727
F-Prot 20170728
F-Secure 20170728
Fortinet 20170728
GData 20170728
Ikarus 20170727
Sophos ML 20170607
Jiangmin 20170727
K7AntiVirus 20170727
K7GW 20170727
Kaspersky 20170727
Kingsoft 20170728
Malwarebytes 20170727
MAX 20170728
McAfee 20170728
McAfee-GW-Edition 20170727
Microsoft 20170728
eScan 20170727
NANO-Antivirus 20170727
nProtect 20170728
Palo Alto Networks (Known Signatures) 20170728
Panda 20170727
Qihoo-360 20170728
Rising 20170728
SentinelOne (Static ML) 20170718
Sophos AV 20170728
SUPERAntiSpyware 20170728
Symantec 20170727
Symantec Mobile Insight 20170728
Tencent 20170728
TheHacker 20170727
TotalDefense 20170727
TrendMicro 20170728
TrendMicro-HouseCall 20170728
Trustlook 20170728
VBA32 20170727
VIPRE 20170728
ViRobot 20170727
Webroot 20170728
Yandex 20170726
Zillya 20170727
ZoneAlarm by Check Point 20170728
Zoner 20170728
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright (C) 2012 Nokia Corporation and/or its subsidiary(-ies).

Product Qt4
Original name qtiff4.dll
File version 4.8.2.0
Description C++ application development framework.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-09-11 05:16:44
Entry Point 0x00021F17
Number of sections 5
PE sections
PE imports
GlobalSize
GetCurrentProcess
TerminateProcess
SetUnhandledExceptionFilter
GetCurrentProcessId
GlobalFree
GlobalAlloc
InterlockedExchange
QueryPerformanceCounter
UnhandledExceptionFilter
IsDebuggerPresent
GetTickCount
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
Sleep
GetCurrentThreadId
InterlockedCompareExchange
_malloc_crt
rand
_CIatan2
memset
__dllonexit
fprintf
__clean_type_info_names_internal
_amsg_exit
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
floor
??2@YAPAXI@Z
strncmp
_lock
qsort
_onexit
_encode_pointer
sprintf
_wassert
_decode_pointer
_adjust_fdiv
_CxxThrowException
_unlock
_crt_debugger_hook
??3@YAXPAX@Z
free
_CIlog
_except_handler4_common
vfprintf
memcpy
__CxxFrameHandler3
_CIsqrt
_initterm_e
__iob_func
_CIpow
_CIexp
_encoded_null
bsearch
__CppXcptFilter
_initterm
?qBadAlloc@@YAXXZ
?fromRawData@QByteArray@@SA?AV1@PBDH@Z
?write@QIODevice@@QAE_JPBD_J@Z
inflateEnd
?detach@QListData@@QAEPAUData@1@H@Z
deflateReset
?peek@QIODevice@@QAE?AVQByteArray@@_J@Z
?qstrcmp@@YAHABVQByteArray@@PBD@Z
deflateInit_
?read@QIODevice@@QAE_JPAD_J@Z
?append@QListData@@QAEPAPAXXZ
inflateSync
inflateReset
??1QByteArray@@QAE@XZ
?free@QString@@CAXPAUData@1@@Z
?reallocate@QVectorData@@SAPAU1@PAU1@HHH@Z
deflateParams
?qWarning@@YAXPBDZZ
inflateInit_
?detach_grow@QListData@@QAEPAUData@1@PAHH@Z
deflateEnd
?childEvent@QObject@@MAEXPAVQChildEvent@@@Z
?removeGuard@QMetaObject@@SAXPAPAVQObject@@@Z
inflate
?fromLatin1_helper@QString@@CAPAUData@1@PBDH@Z
?allocate@QVectorData@@SAPAU1@HH@Z
??0QByteArray@@QAE@PBD@Z
?connectNotify@QObject@@MAEXPBD@Z
?isWritable@QIODevice@@QBE_NXZ
??1QString@@QAE@XZ
?shared_null@QListData@@2UData@1@A
?customEvent@QObject@@MAEXPAVQEvent@@@Z
?isOpen@QIODevice@@QBE_NXZ
??0QVariant@@QAE@H@Z
deflate
?free@QVectorData@@SAXPAU1@H@Z
??0QString@@QAE@ABV0@@Z
?type@QVariant@@QBE?AW4Type@1@XZ
?qMemSet@@YAPAXPAXHI@Z
??0QVariant@@QAE@XZ
?changeGuard@QMetaObject@@SAXPAPAVQObject@@PAV2@@Z
?qFree@@YAXPAX@Z
?qMalloc@@YAPAXI@Z
??0QVariant@@QAE@ABVQSize@@@Z
?eventFilter@QObject@@UAE_NPAV1@PAVQEvent@@@Z
?toInt@QVariant@@QBEHPA_N@Z
?timerEvent@QObject@@MAEXPAVQTimerEvent@@@Z
?isReadable@QIODevice@@QBE_NXZ
?disconnectNotify@QObject@@MAEXPBD@Z
?event@QObject@@UAE_NPAVQEvent@@@Z
?setFormat@QImageIOHandler@@QAEXABVQByteArray@@@Z
??4QImage@@QAEAAV0@ABV0@@Z
?copy@QImage@@QBE?AV1@HHHH@Z
?jumpToImage@QImageIOHandler@@UAE_NH@Z
?qt_metacall@QImageIOPlugin@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?transformed@QImage@@QBE?AV1@ABVQMatrix@@W4TransformationMode@Qt@@@Z
?logicalDpiY@QPaintDevice@@QBEHXZ
?dotsPerMeterX@QImage@@QBEHXZ
??1QImageIOHandler@@UAE@XZ
?metaObject@QImageIOPlugin@@UBEPBUQMetaObject@@XZ
??0QMatrix@@QAE@XZ
?logicalDpiX@QPaintDevice@@QBEHXZ
?currentImageRect@QImageIOHandler@@UBE?AVQRect@@XZ
?width@QImage@@QBEHXZ
?dotsPerMeterY@QImage@@QBEHXZ
?size@QImage@@QBE?AVQSize@@XZ
?format@QImage@@QBE?AW4Format@1@XZ
?currentImageNumber@QImageIOHandler@@UBEHXZ
??1QImage@@UAE@XZ
?setFormat@QImageIOHandler@@QBEXABVQByteArray@@@Z
?jumpToNextImage@QImageIOHandler@@UAE_NXZ
?imageCount@QImageIOHandler@@UBEHXZ
?convertToFormat@QImage@@QBE?AV1@W4Format@1@V?$QFlags@W4ImageConversionFlag@Qt@@@@@Z
??0QImageIOHandler@@QAE@XZ
?setColorTable@QImage@@QAEXV?$QVector@I@@@Z
?setDotsPerMeterY@QImage@@QAEXH@Z
?setDevice@QImageIOHandler@@QAEXPAVQIODevice@@@Z
?scanLine@QImage@@QAEPAEH@Z
?height@QImage@@QBEHXZ
?loopCount@QImageIOHandler@@UBEHXZ
?bits@QImage@@QAEPAEXZ
?nextImageDelay@QImageIOHandler@@UBEHXZ
??1QImageIOPlugin@@UAE@XZ
?mirrored@QImage@@QBE?AV1@_N0@Z
?colorTable@QImage@@QBE?AV?$QVector@I@@XZ
??0QImageIOPlugin@@QAE@PAVQObject@@@Z
?setDotsPerMeterX@QImage@@QAEXH@Z
?qt_metacast@QImageIOPlugin@@UAEPAXPBD@Z
?isNull@QImage@@QBE_NXZ
?rotate@QMatrix@@QAEAAV1@N@Z
?device@QImageIOHandler@@QBEPAVQIODevice@@XZ
??0QImage@@QAE@HHW4Format@0@@Z
PE exports
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 2
PE resources
ExifTool file metadata
SubsystemVersion
5.0

InitializedDataSize
146944

ImageVersion
4.82

ProductName
Qt4

FileVersionNumber
4.8.2.0

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Unicode

LinkerVersion
9.0

FileTypeExtension
dll

OriginalFileName
qtiff4.dll

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
4.8.2.0

TimeStamp
2012:09:11 06:16:44+01:00

FileType
Win32 DLL

PEType
PE32

FileDescription
C++ application development framework.

OSVersion
5.0

FileOS
Win32

LegalCopyright
Copyright (C) 2012 Nokia Corporation and/or its subsidiary(-ies).

MachineType
Intel 386 or later, and compatibles

CompanyName
Nokia Corporation and/or its subsidiary(-ies)

CodeSize
137728

FileSubtype
0

ProductVersionNumber
4.8.2.0

EntryPoint
0x21f17

ObjectFileType
Dynamic link library

CarbonBlack CarbonBlack acts as a surveillance camera for computers
Compressed bundles
File identification
MD5 5b823f73934fe68981675bf9dcee0ac5
SHA1 dac5f68d8d708ea4e9caf2e1ccdaaeb794ff271d
SHA256 d6cad84d8ddc4581c67e1915b74bc178e48199811988de95d46c915dace3fc9b
ssdeep
3072:qwjgV4kFiDZNp9LrjSmkcBPcwq6eKGe5QdiRaXGyTs3mFUyeGyNADpbmo3tEsOKX:Hsu/p9LrjpkiPcw195YTVJmWtEsOK3

authentihash 16bebe6fc0971372405927b9c8e428b9d440e44d9d78d7fb86a142810276114c
imphash 1d130abec08714baa2c189c195bb2198
File size 279.0 KB ( 285696 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID Win64 Executable (generic) (64.6%)
Win32 Dynamic Link Library (generic) (15.4%)
Win32 Executable (generic) (10.5%)
Generic Win/DOS Executable (4.6%)
DOS Executable Generic (4.6%)
Tags
pedll

VirusTotal metadata
First submission 2013-04-01 10:34:28 UTC ( 6 years ago )
Last submission 2017-07-28 02:24:34 UTC ( 1 year, 8 months ago )
File names qtiff4.dll
qtiff4.dll
qtiff4.dll
D6CAD84D8DDC4581C67E1915B74BC178E48199811988DE95D46C915DACE3FC9B.dat
qtiff4.dll
qtiff4.dll
qtiff4.dll
qtiff4.dll
qtiff4.dll
QTIFF4.DLL
qtiff4.dll
qtiff4.dll
qtiff4.dll
qtiff4.dll
qtiff4.dll
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!