× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: dde7f5480a669f32fd7aa1a5e250bb05859df959276cc1ae1443d8c3b590696d
File name: CoreVorbis.ax
Detection ratio: 0 / 40
Analysis date: 2010-05-25 18:47:41 UTC ( 3 years, 11 months ago ) View latest
Probably harmless! There are strong indicators suggesting that this file is safe to use.
Antivirus Result Update
AVG 20100525
AhnLab-V3 20100525
AntiVir 20100525
Antiy-AVL 20100525
Authentium 20100525
Avast 20100525
Avast5 20100525
BitDefender 20100525
CAT-QuickHeal 20100525
ClamAV 20100525
Comodo 20100525
DrWeb 20100525
F-Prot 20100524
F-Secure 20100525
Fortinet 20100525
GData 20100525
Ikarus 20100525
Jiangmin 20100524
Kaspersky 20100525
McAfee 20100525
McAfee-GW-Edition 20100525
Microsoft 20100525
NOD32 20100525
Norman 20100525
PCTools 20100525
Panda 20100525
Rising 20100525
Sophos 20100525
Sunbelt 20100525
Symantec 20100525
TheHacker 20100525
TrendMicro 20100525
TrendMicro-HouseCall 20100525
VBA32 20100525
ViRobot 20100525
VirusBuster 20100525
a-squared 20100510
eSafe 20100525
eTrust-Vet 20100525
nProtect 20100525
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
Authenticode signature block
Copyright
Copyright © 2004-2005

Publisher -
Product CoreVorbis
Original name CoreVorbis.ax
Internal name CoreVorbis
File version 1, 1, 0, 79
Description CoreVorbis
Packers identified
PEiD Armadillo v1.xx - v2.xx
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2005-08-13 11:25:23
Link date 12:25 PM 8/13/2005
Entry Point 0x0000CEDB
Number of sections 6
PE sections
PE imports
RegDeleteKeyA
RegCloseKey
RegQueryValueExA
RegSetValueA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegCreateKeyA
RegEnumKeyExA
GetLastError
EnterCriticalSection
GetSystemInfo
lstrlenA
lstrcmpiA
WaitForSingleObject
FreeLibrary
GetTickCount
DisableThreadLibraryCalls
GetVersionExA
LoadLibraryA
GetModuleFileNameA
GetACP
DeleteCriticalSection
GetCurrentProcess
SetThreadPriority
ReleaseSemaphore
lstrcatA
WideCharToMultiByte
SetErrorMode
MultiByteToWideChar
WaitForMultipleObjects
GetCurrentThread
CreateSemaphoreA
CreateThread
GetProcAddress
GetModuleHandleA
InterlockedExchange
CloseHandle
ResetEvent
DuplicateHandle
GetCurrentThreadId
SetEvent
GetThreadPriority
InitializeCriticalSection
VirtualFree
CreateEventA
InterlockedDecrement
OutputDebugStringA
LeaveCriticalSection
VirtualAlloc
InterlockedIncrement
_purecall
malloc
sscanf
pow
memset
__dllonexit
ldexp
toupper
_except_handler3
log
floor
??2@YAPAXI@Z
qsort
_onexit
frexp
exit
sprintf
memcmp
__CxxFrameHandler
atan
_adjust_fdiv
??3@YAXPAX@Z
free
ceil
calloc
realloc
_initterm
memmove
memcpy
exp
acos
vsprintf
SysFreeString
SysAllocString
KillTimer
RegisterWindowMessageA
DefWindowProcA
ShowWindow
GetWindowRect
DispatchMessageA
SetDlgItemTextA
MoveWindow
PeekMessageA
SetWindowLongA
wvsprintfA
CheckDlgButton
LoadStringA
GetQueueStatus
LoadStringW
CreateDialogParamA
InvalidateRect
GetWindowLongA
SetTimer
IsDlgButtonChecked
GetDesktopWindow
wsprintfA
MsgWaitForMultipleObjects
PostThreadMessageA
DestroyWindow
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
timeSetEvent
timeGetTime
CoUninitialize
CoInitialize
CoTaskMemAlloc
CoCreateInstance
CoFreeUnusedLibraries
CoTaskMemFree
StringFromGUID2
PE exports
Number of PE resources by type
RT_BITMAP 2
RT_DIALOG 2
RT_STRING 1
RT_VERSION 1
Number of PE resources by language
FRENCH 6
ExifTool file metadata
SubsystemVersion
4.0

InitializedDataSize
122880

ImageVersion
0.0

ProductName
CoreVorbis

FileVersionNumber
1.1.0.79

UninitializedDataSize
0

LanguageCode
French

FileFlagsMask
0x003f

CharacterSet
Unicode

LinkerVersion
6.0

OriginalFilename
CoreVorbis.ax

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
1, 1, 0, 79

TimeStamp
2005:08:13 12:25:23+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
CoreVorbis

FileAccessDate
2014:04:17 23:07:55+01:00

ProductVersion
1, 1, 0, 79

FileDescription
CoreVorbis

OSVersion
4.0

FileCreateDate
2014:04:17 23:07:55+01:00

FileOS
Windows NT 32-bit

LegalCopyright
Copyright 2004-2005

MachineType
Intel 386 or later, and compatibles

CompanyName
-

CodeSize
221184

FileSubtype
0

ProductVersionNumber
1.1.0.79

EntryPoint
0xcedb

ObjectFileType
Dynamic link library

File identification
MD5 734c8cbaf43180a90d28cb650b2d4c67
SHA1 252eb2a34539c185ce9e57c7efb1c17472dad28a
SHA256 dde7f5480a669f32fd7aa1a5e250bb05859df959276cc1ae1443d8c3b590696d
ssdeep
6144:DoQyqAwaHyFMwOTWcEcUFfWJHm0sjcH5QRl:vCHyFv1cUFKG0sjx

imphash 7544ebc60f255ac478e19fa0ee17537d
File size 340.0 KB ( 348160 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID DirectShow filter (81.3%)
Win32 Executable MS Visual C++ (generic) (12.5%)
Win32 Dynamic Link Library (generic) (2.6%)
Win32 Executable (generic) (1.8%)
Generic Win/DOS Executable (0.8%)
Tags
peexe armadillo pedll

VirusTotal metadata
First submission 2009-02-15 11:20:46 UTC ( 5 years, 2 months ago )
Last submission 2014-04-08 10:20:03 UTC ( 2 weeks, 1 day ago )
File names 734C8CBAF43180A90D28CB650B2D4C67
EB9A99A8000033AD509005F292C275001301AF9A.ax
corevorbis.ax
CoreVorbis.ax
smona132518881058952385517
e2740400-sample
252eb2a34539c185ce9e57c7efb1c17472dad28a
DPYRIRNABG-17.pms.ax.SVD
DPYWAOXLEW-553.pms.ax.SVD
CoreVorbis.ax
CoreVorbis
e2740400-sample
file-3382271_ax
file-2270624_ax
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!