× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: d9b89a6e7136f8ea306ea5f0b81a5c51cdebd7c79b54216d7f422811ac94123b
File name: mspack.dll
Detection ratio: 0 / 65
Analysis date: 2017-10-05 22:58:31 UTC ( 9 months, 1 week ago )
Antivirus Result Update
Ad-Aware 20171005
AegisLab 20171005
AhnLab-V3 20171005
Alibaba 20170911
ALYac 20171005
Antiy-AVL 20171005
Arcabit 20171005
Avast 20171005
Avast-Mobile 20171005
AVG 20171005
Avira (no cloud) 20171005
AVware 20171005
Baidu 20170930
BitDefender 20171005
Bkav 20171005
CAT-QuickHeal 20171005
ClamAV 20171005
CMC 20171005
Comodo 20171005
CrowdStrike Falcon (ML) 20170804
Cylance 20171005
Cyren 20171005
DrWeb 20171005
Emsisoft 20171005
Endgame 20170821
ESET-NOD32 20171005
F-Prot 20171005
F-Secure 20171005
Fortinet 20171005
GData 20171005
Ikarus 20171005
Sophos ML 20170914
Jiangmin 20171005
K7AntiVirus 20171005
K7GW 20171005
Kaspersky 20171005
Kingsoft 20171005
Malwarebytes 20171005
MAX 20171005
McAfee 20171005
McAfee-GW-Edition 20171005
Microsoft 20171005
eScan 20171005
NANO-Antivirus 20171005
nProtect 20171005
Palo Alto Networks (Known Signatures) 20171005
Panda 20171005
Qihoo-360 20171005
Rising 20171005
SentinelOne (Static ML) 20171001
Sophos AV 20171005
SUPERAntiSpyware 20171005
Symantec 20171005
Symantec Mobile Insight 20171005
Tencent 20171005
TheHacker 20171002
TrendMicro 20171005
TrendMicro-HouseCall 20171005
Trustlook 20171005
VBA32 20171005
VIPRE 20171005
ViRobot 20171005
Webroot 20171005
WhiteArmor 20170927
Yandex 20171005
Zillya 20171005
ZoneAlarm by Check Point 20171005
Zoner 20171005
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-05-28 09:38:46
Entry Point 0x0000DD4E
Number of sections 5
PE sections
PE imports
SystemFunction036
HeapSize
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
IsProcessorFeaturePresent
EnterCriticalSection
LCMapStringW
GetModuleFileNameW
GetConsoleCP
RaiseException
FreeLibrary
QueryPerformanceCounter
IsDebuggerPresent
ExitProcess
TlsAlloc
GetEnvironmentStringsW
FlushFileBuffers
WaitForSingleObjectEx
RtlUnwind
GetStdHandle
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetStringTypeW
GetCurrentProcessId
GetCommandLineW
WriteConsoleW
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
GetStartupInfoW
SetFilePointerEx
FreeEnvironmentStringsW
GetCPInfo
GetCommandLineA
GetProcAddress
InitializeSListHead
GetProcessHeap
SetStdHandle
SetEndOfFile
WideCharToMultiByte
TlsFree
InterlockedFlushSList
ReadFile
SetUnhandledExceptionFilter
WriteFile
DecodePointer
CloseHandle
GetSystemTimeAsFileTime
GetACP
HeapReAlloc
CreateThread
GetModuleHandleW
GetOEMCP
TerminateProcess
GetModuleHandleExW
IsValidCodePage
OutputDebugStringW
CreateFileW
TlsGetValue
GetFileType
ReadConsoleW
TlsSetValue
HeapAlloc
GetCurrentThreadId
SetLastError
LeaveCriticalSection
PE exports
Debug information
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

TimeStamp
2016:05:28 10:38:46+01:00

FileType
Win32 DLL

PEType
PE32

CodeSize
134144

LinkerVersion
14.0

FileTypeExtension
dll

InitializedDataSize
41984

SubsystemVersion
6.0

EntryPoint
0xdd4e

OSVersion
6.0

ImageVersion
0.0

UninitializedDataSize
0

Compressed bundles
File identification
MD5 b7c8c422badd1fd8339f01e729c75fd8
SHA1 1082b0fe16b786bbb9d8e4cbd852ed0cb0799740
SHA256 d9b89a6e7136f8ea306ea5f0b81a5c51cdebd7c79b54216d7f422811ac94123b
ssdeep
3072:IuBFrv2eKtuPIbLvnQMv1AMKULGh5Gu6QPOCMxN5kawEzexW:IlruPmLvQidKhP6dxXzK

authentihash 19c15f4825e19622c4523a27e1cdef6a4347846e24b5d87743f982ee20e7d955
imphash ef58f0cb06d1a77f48827854e403fcae
File size 170.5 KB ( 174592 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID Win64 Executable (generic) (64.6%)
Win32 Dynamic Link Library (generic) (15.4%)
Win32 Executable (generic) (10.5%)
Generic Win/DOS Executable (4.6%)
DOS Executable Generic (4.6%)
Tags
pedll

VirusTotal metadata
First submission 2016-12-05 03:21:22 UTC ( 1 year, 7 months ago )
Last submission 2017-10-05 22:58:31 UTC ( 9 months, 1 week ago )
File names _CC2C4A91B25F436889696B3D1C1D8681
_E31C54E3B90F493BB75E446E549606D8
_A9BDE10D8C99488389F2B82051B04E8B
mspack.dll
mspack.dll
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!