× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: dbcf668d8fce704c4b350e7817c8546c1469441c360fd1f58a1e631c978858a0
File name: F082E5EC086D02937CE4115D8872060014796555.dll
Detection ratio: 0 / 66
Analysis date: 2018-01-20 18:46:23 UTC ( 1 year, 3 months ago )
Antivirus Result Update
Ad-Aware 20180120
AegisLab 20180120
AhnLab-V3 20180120
Alibaba 20180120
ALYac 20180120
Antiy-AVL 20180120
Arcabit 20180120
Avast 20180120
Avast-Mobile 20180120
AVG 20180120
Avira (no cloud) 20180120
AVware 20180120
Baidu 20180118
BitDefender 20180120
Bkav 20180120
CAT-QuickHeal 20180120
ClamAV 20180120
CMC 20180116
Comodo 20180120
CrowdStrike Falcon (ML) 20171016
Cybereason 20171103
Cylance 20180120
Cyren 20180120
DrWeb 20180120
eGambit 20180120
Emsisoft 20180120
Endgame 20171130
ESET-NOD32 20180120
F-Prot 20180120
F-Secure 20180120
Fortinet 20180120
GData 20180120
Ikarus 20180120
Sophos ML 20170914
Jiangmin 20180120
K7AntiVirus 20180120
K7GW 20180120
Kaspersky 20180120
Kingsoft 20180120
Malwarebytes 20180120
MAX 20180120
McAfee 20180120
McAfee-GW-Edition 20180120
Microsoft 20180120
eScan 20180120
NANO-Antivirus 20180120
nProtect 20180120
Palo Alto Networks (Known Signatures) 20180120
Panda 20180120
Qihoo-360 20180120
Rising 20180120
SentinelOne (Static ML) 20180115
Sophos AV 20180120
SUPERAntiSpyware 20180120
Symantec 20180119
Symantec Mobile Insight 20180119
Tencent 20180120
TheHacker 20180119
TotalDefense 20180118
TrendMicro 20180120
TrendMicro-HouseCall 20180120
Trustlook 20180120
VBA32 20180120
VIPRE 20180120
ViRobot 20180120
Webroot 20180120
Yandex 20180112
Zillya 20180119
ZoneAlarm by Check Point 20180120
Zoner 20180120
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Signature verification Signed file, verified signature
Signing date 6:57 AM 7/9/2012
Signers
[+] Nitro PDF Software
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer COMODO Code Signing CA 2
Valid from 1:00 AM 1/10/2012
Valid to 12:59 AM 1/10/2015
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint 8BBC59B8438F6144AEB938D461575851B1D2AB4E
Serial number 00 F1 74 8B E1 2F 68 AB 26 38 01 3D 4F 6C 36 3A 50
[+] COMODO Code Signing CA 2
Status Valid
Issuer UTN-USERFirst-Object
Valid from 1:00 AM 8/24/2011
Valid to 11:48 AM 5/30/2020
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint B64771392538D1EB7A9281998791C14AFD0C5035
Serial number 10 70 9D 4F F5 54 08 D7 30 60 01 D8 EA 91 75 BB
[+] USERTrust (Code Signing)
Status Valid
Issuer UTN-USERFirst-Object
Valid from 7:31 PM 7/9/1999
Valid to 7:40 PM 7/9/2019
Valid usage EFS, Timestamp Signing, Code Signing
Algorithm sha1RSA
Thumbprint E12DFB4B41D7D9C32B30514BAC1D81D8385E2D46
Serial number 44 BE 0C 8B 50 00 24 B4 11 D3 36 2D E0 B3 5F 1B
Counter signers
[+] COMODO Time Stamping Signer
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer UTN-USERFirst-Object
Valid from 1:00 AM 5/10/2010
Valid to 12:59 AM 5/11/2015
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 3DBB6DB5085C6DD5A1CA7F9CF84ECB1A3910CAC8
Serial number 47 8A 8E FB 59 E1 D8 3F 0C E1 42 D2 A2 87 07 BE
[+] USERTrust (Code Signing)
Status Valid
Issuer UTN-USERFirst-Object
Valid from 7:31 PM 7/9/1999
Valid to 7:40 PM 7/9/2019
Valid usage EFS, Timestamp Signing, Code Signing
Algorithm sha1RSA
Thumbrint E12DFB4B41D7D9C32B30514BAC1D81D8385E2D46
Serial number 44 BE 0C 8B 50 00 24 B4 11 D3 36 2D E0 B3 5F 1B
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-02-03 22:24:27
Entry Point 0x0008732E
Number of sections 5
PE sections
Overlays
MD5 22691b9b7c9fd2718f369c2ac83a0ad7
File type data
Offset 1140736
Size 5128
Entropy 7.37
PE imports
RegDeleteValueW
RegCloseKey
OpenProcessToken
RegSetValueExW
RegQueryInfoKeyW
GetUserNameW
RegEnumValueW
RegEnumKeyW
RegCreateKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegOpenKeyExW
RegDeleteKeyW
RegQueryValueExW
SetThreadLocale
GetStdHandle
GetDriveTypeW
ReleaseMutex
FileTimeToSystemTime
WaitForSingleObject
EncodePointer
GetFileAttributesW
DeleteCriticalSection
GetCurrentProcess
GetLocaleInfoW
GetFileTime
GetCPInfo
GetDiskFreeSpaceW
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
GetExitCodeProcess
LocalFree
FormatMessageW
ResumeThread
InitializeCriticalSection
OutputDebugStringW
GetLogicalDriveStringsW
FindClose
TlsGetValue
GetEnvironmentVariableW
PeekNamedPipe
CopyFileW
GetModuleFileNameW
IsDebuggerPresent
ExitProcess
SetThreadPriority
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
GetSystemPowerStatus
GlobalMemoryStatus
CreateThread
SetEnvironmentVariableW
CreatePipe
GetExitCodeThread
SetNamedPipeHandleState
SetUnhandledExceptionFilter
CreateMutexW
IsProcessorFeaturePresent
DecodePointer
TerminateProcess
CreateSemaphoreW
SetCurrentDirectoryW
LocalFileTimeToFileTime
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
TerminateThread
LoadLibraryW
GetVersionExW
FreeLibrary
QueryPerformanceCounter
GetTickCount
DisableThreadLibraryCalls
TlsAlloc
GetWindowsDirectoryW
GetFileSize
OpenProcess
GetUserDefaultLCID
GetTempFileNameW
GetComputerNameW
GetProfileStringW
ExpandEnvironmentStringsW
FindNextFileW
FindFirstFileW
IsValidLocale
DuplicateHandle
GetProcAddress
GetProcessAffinityMask
CreateFileW
GetFileType
TlsSetValue
InterlockedIncrement
GetLastError
SystemTimeToFileTime
GetShortPathNameW
GetSystemInfo
GetThreadLocale
FileTimeToLocalFileTime
GetCurrentProcessId
SetFileTime
WideCharToMultiByte
InterlockedCompareExchange
GetCurrentThread
SuspendThread
RaiseException
ReleaseSemaphore
TlsFree
ReadFile
CloseHandle
GetACP
GetModuleHandleW
IsValidCodePage
GetTempPathW
CreateProcessW
Sleep
IsBadReadPtr
IsBadStringPtrA
wcsftime
fseek
fclose
_time64
fflush
_difftime64
_vswprintf_p
_ftime64
_wgetenv
fwrite
_wcsdup
_wrmdir
isspace
_close
_CxxThrowException
wcspbrk
_timezone
??3@YAXPAX@Z
sprintf
wcsncmp
_wfopen
_wgetcwd
_write
memcpy
memmove
mbstowcs
_encoded_null
_eof
_purecall
memset
wcschr
_wcstoui64
__clean_type_info_names_internal
strchr
_wcstoi64
?_type_info_dtor_internal_method@type_info@@QAEXXZ
??2@YAPAXI@Z
ftell
exit
??_V@YAXPAX@Z
_initterm_e
_crt_debugger_hook
ferror
iswspace
free
__CxxFrameHandler3
_except_handler4_common
_wrename
_errno
_gmtime64
_lseeki64
fputws
wcsspn
_read
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
iswdigit
bsearch
_initterm
iswalnum
setlocale
realloc
__dllonexit
_open_osfhandle
ldexp
wcstol
_commit
wcstod
strncpy
frexp
isalnum
_HUGE
qsort
_onexit
isalpha
wcsncat
_ctime64
_fdopen
wcsncpy
atoi
atof
_swprintf
swscanf
_beginthreadex
_wassert
_localtime64
?_wopen@@YAHPB_WHH@Z
_malloc_crt
malloc
wcstoul
fread
_waccess
abort
fprintf
isdigit
towupper
feof
_endthreadex
_amsg_exit
?terminate@@YAXXZ
clearerr
_wremove
floor
_lock
_get_osfhandle
_strdup
towlower
_fileno
iswalpha
fputwc
_telli64
_wcsicmp
_unlock
calloc
_wsetlocale
_mktime64
_wmkdir
wcstombs
__iob_func
__CppXcptFilter
wcsstr
_wtol
_wtoi
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetMalloc
SHGetFileInfoW
ShellExecuteExW
EnumWindows
DefWindowProcW
MessageBeep
GetWindowThreadProcessId
DdeDisconnect
MessageBoxW
DdeUninitialize
DdeGetData
DdePostAdvise
DdeCreateStringHandleW
PostMessageW
SendMessageW
RegisterClassW
DdeConnect
DdeGetLastError
PeekMessageW
DdeFreeDataHandle
DdeClientTransaction
PostThreadMessageW
DdeFreeStringHandle
WaitForInputIdle
DdeCreateDataHandle
DdeQueryStringW
LoadCursorW
DdeNameService
CreateWindowExW
MsgWaitForMultipleObjects
DdeInitializeW
SetCursor
ExitWindowsEx
DestroyWindow
CoCreateInstance
PE exports
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 2
PE resources
ExifTool file metadata
SubsystemVersion
5.1

Comments
wxWidgets cross-platform GUI framework

InitializedDataSize
547328

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
2.8.3.0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
wxWidgets for MSW

CharacterSet
ASCII

LinkerVersion
10.0

EntryPoint
0x8732e

OriginalFileName
wxbase28u_vc_pro7.dll

MIMEType
application/octet-stream

LegalCopyright
Copyright 1993-2006 wxWidgets development team

FileVersion
wxWidgets Library 2.8.3

TimeStamp
2012:02:03 23:24:27+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
wxMSW

ProductVersion
2.8.3

UninitializedDataSize
0

OSVersion
5.1

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
wxWidgets development team

CodeSize
592384

ProductName
wxWidgets

ProductVersionNumber
2.8.3.0

FileTypeExtension
dll

ObjectFileType
Executable application

File identification
MD5 0a9078394652c97a1a6dc45bf5cba737
SHA1 cbb90f526a63d76af7cad8731dc859447ffb179f
SHA256 dbcf668d8fce704c4b350e7817c8546c1469441c360fd1f58a1e631c978858a0
ssdeep
24576:U+erYnaEuj8njHrHpppmtGQX6Vh3Tj+ETZBy8bY:U+erYna7j8nbTPm89T7yaY

authentihash b10e53515cacfe13d79dbb7a8c115f6b811e2677e521f94fb54c6c1b2183dd3b
imphash e8a037355339e654c50e5c374b3efabd
File size 1.1 MB ( 1145864 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID InstallShield setup (50.1%)
Win64 Executable (generic) (32.2%)
Win32 Dynamic Link Library (generic) (7.6%)
Win32 Executable (generic) (5.2%)
Generic Win/DOS Executable (2.3%)
Tags
pedll signed overlay

VirusTotal metadata
First submission 2012-07-10 13:06:17 UTC ( 6 years, 9 months ago )
Last submission 2012-07-10 13:06:17 UTC ( 6 years, 9 months ago )
File names wxbase28u_vc_pro7.dll
wxbase28u_vc_pro7.dll
F082E5EC086D02937CE4115D8872060014796555.dll
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!