× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: e4e6b8952f7a2e751cce5ccff49879db527e3be560f50875f2f12d134f4c6ce5
File name: kllmisjqcitf.dll
Detection ratio: 11 / 57
Analysis date: 2015-01-24 17:48:57 UTC ( 3 years, 11 months ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Symmi.50006 20150124
Avira (no cloud) PCK/Themida 20150124
BitDefender Gen:Variant.Symmi.50006 20150124
Bkav HW32.Packed.59C8 20150124
Emsisoft Gen:Variant.Symmi.50006 (B) 20150124
ESET-NOD32 a variant of Win32/Boaxxe.CO.gen 20150124
F-Secure Gen:Variant.Symmi.50006 20150124
GData Gen:Variant.Symmi.50006 20150124
McAfee Trojan-FFPD!C9E569456AEF 20150124
McAfee-GW-Edition BehavesLike.Win32.Sefnit.tc 20150124
eScan Gen:Variant.Symmi.50006 20150124
AegisLab 20150124
Yandex 20150124
AhnLab-V3 20150124
Alibaba 20150120
ALYac 20150124
Antiy-AVL 20150124
Avast 20150124
AVG 20150124
AVware 20150124
Baidu-International 20150124
ByteHero 20150124
CAT-QuickHeal 20150124
ClamAV 20150124
CMC 20150124
Comodo 20150124
Cyren 20150124
DrWeb 20150124
F-Prot 20150124
Fortinet 20150124
Ikarus 20150124
Jiangmin 20150123
K7AntiVirus 20150124
K7GW 20150124
Kaspersky 20150124
Kingsoft 20150124
Malwarebytes 20150124
Microsoft 20150124
NANO-Antivirus 20150124
Norman 20150123
nProtect 20150123
Panda 20150124
Qihoo-360 20150124
Rising 20150123
Sophos AV 20150124
SUPERAntiSpyware 20150124
Symantec 20150124
Tencent 20150124
TheHacker 20150123
TotalDefense 20150124
TrendMicro 20150124
TrendMicro-HouseCall 20150124
VBA32 20150123
VIPRE 20150124
ViRobot 20150124
Zillya 20150124
Zoner 20150123
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-09-17 05:16:27
Entry Point 0x0034D000
Number of sections 6
PE sections
PE imports
InitCommonControls
PE exports
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

TimeStamp
2014:09:17 06:16:27+01:00

FileType
Win32 DLL

PEType
PE32

CodeSize
5632

LinkerVersion
9.0

FileAccessDate
2015:01:24 18:48:58+01:00

EntryPoint
0x34d000

InitializedDataSize
3584

SubsystemVersion
5.0

ImageVersion
0.0

OSVersion
5.0

FileCreateDate
2015:01:24 18:48:58+01:00

UninitializedDataSize
0

File identification
MD5 c9e569456aeff6332a41f47e733ef037
SHA1 9b0005d4e633637b3e829fb500000896ae0a0916
SHA256 e4e6b8952f7a2e751cce5ccff49879db527e3be560f50875f2f12d134f4c6ce5
ssdeep
24576:34k+Zo1whQDxLoEUZcK5sBrG4BkBe99X/krW9QYye6X43mD4fgY:Ik+ZwwhGtohr6G42e998rW6nJ43pIY

authentihash 14e4cb76d175b9df102e497b862deed5b160f12e65b07c462fbe6bd807b31fb9
imphash baa93d47220682c04d92f7797d9224ce
File size 1.2 MB ( 1292288 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
Clipper DOS Executable (11.7%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
pedll

VirusTotal metadata
First submission 2015-01-24 17:48:57 UTC ( 3 years, 11 months ago )
Last submission 2015-01-24 17:48:57 UTC ( 3 years, 11 months ago )
File names kllmisjqcitf.dll
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!