SHA256: d8167f6b48ba5f61117797e8a691cf423662d9b5e2afa0a406e6828bbb806711
File name: foo_albumlist.dll
Detection ratio: 0 / 54
Analysis date: 2014-10-22 17:48:12 UTC ( 4 years, 6 months ago )
Antivirus Result Update
Ad-Aware 20141022
AegisLab 20141022
Yandex 20141021
AhnLab-V3 20141022
Antiy-AVL 20141022
Avast 20141022
AVG 20141022
Avira (no cloud) 20141022
AVware 20141022
Baidu-International 20141022
BitDefender 20141022
Bkav 20141022
ByteHero 20141022
CAT-QuickHeal 20141022
ClamAV 20141021
CMC 20141021
Comodo 20141022
Cyren 20141022
DrWeb 20141022
Emsisoft 20141022
ESET-NOD32 20141022
F-Prot 20141021
F-Secure 20141022
Fortinet 20141022
GData 20141022
Ikarus 20141022
Jiangmin 20141020
K7AntiVirus 20141020
K7GW 20141021
Kaspersky 20141022
Kingsoft 20141022
Malwarebytes 20141022
McAfee 20141022
McAfee-GW-Edition 20141022
Microsoft 20141022
eScan 20141022
NANO-Antivirus 20141022
Norman 20141022
nProtect 20141022
Qihoo-360 20141022
Rising 20141022
Sophos AV 20141022
SUPERAntiSpyware 20141022
Symantec 20141022
Tencent 20141022
TheHacker 20141022
TotalDefense 20141022
TrendMicro 20141022
TrendMicro-HouseCall 20141022
VBA32 20141021
VIPRE 20141022
ViRobot 20141022
Zillya 20141022
Zoner 20141020
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-12-28 12:22:20
Entry Point 0x0002DC08
Number of sections 5
PE sections
PE imports
GetDeviceCaps
ExtTextOutW
CombineRgn
CreateRectRgn
CreateFontIndirectW
SetBkMode
GetStockObject
SetDCBrushColor
CreateRectRgnIndirect
DeleteObject
GetObjectW
SelectObject
SetBkColor
GetTextExtentPoint32W
SetTextColor
GetStdHandle
InterlockedPopEntrySList
WaitForSingleObject
HeapDestroy
EncodePointer
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
FreeEnvironmentStringsW
SetStdHandle
GetCPInfo
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
ResumeThread
GetThreadPriority
InterlockedPushEntrySList
InterlockedDecrement
SetLastError
GetModuleFileNameW
IsDebuggerPresent
ExitProcess
GetModuleFileNameA
QueryPerformanceFrequency
SetThreadPriority
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
FlushInstructionCache
CreateThread
SetUnhandledExceptionFilter
MulDiv
IsProcessorFeaturePresent
ExitThread
DecodePointer
TerminateProcess
VirtualQuery
GetCurrentThreadId
LeaveCriticalSection
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
LoadLibraryW
GetOEMCP
QueryPerformanceCounter
GetTickCount
TlsAlloc
VirtualProtect
FlushFileBuffers
RtlUnwind
GetStartupInfoW
GlobalLock
GetProcessHeap
GetProcAddress
GetProcessAffinityMask
CreateFileW
GetFileType
TlsSetValue
HeapAlloc
InterlockedIncrement
GetLastError
LCMapStringW
GetSystemInfo
GlobalFree
GetConsoleCP
GetEnvironmentStringsW
GlobalUnlock
GlobalAlloc
lstrlenW
GetCurrentProcessId
HeapQueryInformation
WideCharToMultiByte
HeapSize
GetCommandLineA
InterlockedCompareExchange
GetCurrentThread
RaiseException
TlsFree
SetFilePointer
CloseHandle
GetACP
GetModuleHandleW
IsValidCodePage
HeapCreate
VirtualFree
Sleep
SetConsoleCtrlHandler
VirtualAlloc
StrCmpLogicalW
MapWindowPoints
DrawEdge
GetMessagePos
GetClassInfoExW
EnableWindow
ReleaseDC
IntersectRect
SetLayeredWindowAttributes
GetScrollInfo
BeginPaint
SetFocus
KillTimer
DestroyMenu
ShowWindow
ScreenToClient
CheckMenuRadioItem
MessageBeep
SetWindowPos
GetParent
GetMenuState
BeginDeferWindowPos
SetWindowLongW
SendMessageW
GetWindowRect
RegisterClassExW
CallNextHookEx
UpdateWindow
SetCapture
WindowFromPoint
AppendMenuW
AdjustWindowRectEx
SendDlgItemMessageW
IsWindowEnabled
PostMessageW
GetSysColor
RedrawWindow
GetMenuItemID
CreateWindowExW
EndDeferWindowPos
MapDialogRect
CreatePopupMenu
GetKeyState
DestroyIcon
UnregisterClassA
RegisterClassW
GetWindowLongW
DrawIconEx
IsWindowVisible
UnregisterClassW
GetClientRect
GetDlgItem
DefWindowProcW
DrawTextW
BringWindowToTop
CallWindowProcW
ClientToScreen
EndPaint
InvalidateRect
CreateDialogParamW
GetSubMenu
SetTimer
LoadImageW
TrackPopupMenu
FillRect
AdjustWindowRect
CopyRect
GetWindowTextW
DeferWindowPos
SetWindowsHookExW
LoadCursorW
GetFocus
GetDC
GetMenuItemCount
SetCursor
UnhookWindowsHookEx
DestroyWindow
EnableThemeDialogTexture
SetWindowTheme
DoDragDrop
CoCreateInstance
OleSetClipboard
_uGetMenuItemType@8
_PokeWindow@4
_GetInfiniteWaitEvent@0
_uModifyMenu@20
_uAppendMenu@16
_FindOwningPopup@4
_uBugCheck@0
??1uCallStackTracker@@QAE@XZ
_uGetDlgItemText@12
_uSetWindowText@8
_uSendMessageText@16
_uGetWindowText@8
??0uCallStackTracker@@QAE@PBD@Z
_stricmp_utf8_ex@16
_uExceptFilterProc@4
_uCharLower@4
_uSetDlgItemText@12
_stricmp_utf8@8
_uFormatSystemErrorMessage@8
_uGetMenuString@16
PE exports
Number of PE resources by type
RT_DIALOG 3
RT_ICON 1
RT_MANIFEST 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 6
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
TimeStamp 2012:12:28 13:22:20+01:00
FileType Win32 DLL
PEType PE32
CodeSize 259584
LinkerVersion 10.0
FileAccessDate 2014:10:22 19:00:20+01:00
EntryPoint 0x2dc08
InitializedDataSize 98304
SubsystemVersion 5.1
ImageVersion 0.0
OSVersion 5.1
FileCreateDate 2014:10:22 19:00:20+01:00
UninitializedDataSize 0

File identification
MD5 02faa4e300951b5034264eac42b189b8
SHA1 1e15828647d6961e1cd0193b857631d5c5740e10
SHA256 d8167f6b48ba5f61117797e8a691cf423662d9b5e2afa0a406e6828bbb806711
ssdeep 6144:+rutBVvZkn5fwxlwpq9FRPcaX7tFyV6csgELwAOdpr641YUC:+rcXvOnqxl9fcYFyocsgEk3rYUC

authentihash 5dd0f9ae7d17e705857d97cb8a6e455dc76f5e2125768fa055626444b8257d1b
imphash 0189ddcbd0ff382cd14d4dfd4d0c88c7
File size 350.5 KB ( 358912 bytes )
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID foobar 2000 generic component (68.7%)
Win32 Executable MS Visual C++ (generic) (21.0%)
Win32 Dynamic Link Library (generic) (4.4%)
Win32 Executable (generic) (3.0%)
Generic Win/DOS Executable (1.3%)
Tags pedll

VirusTotal metadata
First submission 2013-02-14 04:02:03 UTC ( 6 years, 2 months ago )
Last submission 2013-02-14 04:02:03 UTC ( 6 years, 2 months ago )
File names foo_albumlist.dll
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .
