× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: ea29965d45a1e4410a8d57e8f3d420e92bfb74a2f05c6eb7e5b0b0f23a7f2aef
File name: 330674C600B25D70CE3C003E81E99800A16FF08B.dll
Detection ratio: 0 / 57
Analysis date: 2015-03-19 21:09:04 UTC ( 4 years ago )
Antivirus Result Update
Ad-Aware 20150319
AegisLab 20150319
Yandex 20150319
AhnLab-V3 20150319
Alibaba 20150319
ALYac 20150319
Antiy-AVL 20150319
Avast 20150319
AVG 20150319
Avira (no cloud) 20150319
AVware 20150319
Baidu-International 20150319
BitDefender 20150319
Bkav 20150319
ByteHero 20150319
CAT-QuickHeal 20150319
ClamAV 20150319
CMC 20150317
Comodo 20150319
Cyren 20150319
DrWeb 20150319
Emsisoft 20150319
ESET-NOD32 20150319
F-Prot 20150319
F-Secure 20150319
Fortinet 20150319
GData 20150319
Ikarus 20150319
Jiangmin 20150319
K7AntiVirus 20150319
K7GW 20150319
Kaspersky 20150319
Kingsoft 20150319
Malwarebytes 20150319
McAfee 20150319
McAfee-GW-Edition 20150319
Microsoft 20150319
eScan 20150319
NANO-Antivirus 20150319
Norman 20150319
nProtect 20150319
Panda 20150318
Qihoo-360 20150319
Rising 20150319
Sophos AV 20150319
SUPERAntiSpyware 20150319
Symantec 20150319
Tencent 20150319
TheHacker 20150319
TotalDefense 20150319
TrendMicro 20150319
TrendMicro-HouseCall 20150319
VBA32 20150319
VIPRE 20150319
ViRobot 20150319
Zillya 20150319
Zoner 20150319
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-06-28 15:42:10
Entry Point 0x00008E8F
Number of sections 5
PE sections
PE imports
LocalAlloc
GetLastError
EnterCriticalSection
lstrlenA
GetOverlappedResult
WaitForSingleObject
SetEvent
QueryPerformanceCounter
IsDebuggerPresent
GetTickCount
DisableThreadLibraryCalls
LoadLibraryA
DeleteCriticalSection
GetCurrentProcess
GetPrivateProfileStringA
WritePrivateProfileStringA
GetFileSize
CreateDirectoryA
CreateThread
UnhandledExceptionFilter
MultiByteToWideChar
DeleteFileW
CloseHandle
InterlockedCompareExchange
GetPrivateProfileStringW
GetTempFileNameW
lstrcpynW
CompareStringW
RaiseException
InterlockedExchangeAdd
WideCharToMultiByte
GetProcAddress
SetFilePointer
lstrcmpA
ReadFile
GetCurrentProcessId
InterlockedExchange
SetUnhandledExceptionFilter
WriteFile
MulDiv
GetSystemTimeAsFileTime
lstrcmpW
WaitForMultipleObjects
GetModuleHandleW
FreeLibrary
TerminateProcess
CreateEventW
InitializeCriticalSection
GetTempPathW
CreateFileW
Sleep
CancelIo
SetThreadPriority
GetCurrentThreadId
LeaveCriticalSection
SleepEx
ResetEvent
strncmp
_malloc_crt
malloc
_lock
_strtoui64
pow
wcstoul
memset
_wcsnicmp
__dllonexit
_stricmp
_wcstoui64
strlen
_vsnwprintf
__clean_type_info_names_internal
_except_handler3
?terminate@@YAXXZ
_initterm_e
?_type_info_dtor_internal_method@type_info@@QAEXXZ
??2@YAPAXI@Z
_wtof_l
_onexit
_strdup
??_V@YAXPAX@Z
memcmp
_encode_pointer
log10
_crt_debugger_hook
_amsg_exit
_wcsicmp
_unlock
wcschr
_adjust_fdiv
??3@YAXPAX@Z
free
__CxxFrameHandler3
_except_handler4_common
_purecall
realloc
memcpy
_vsnprintf
strstr
_decode_pointer
_encoded_null
__CppXcptFilter
_initterm
_wtoi
PathStripPathW
PathAppendA
PathFileExistsW
PathCombineA
PathFindExtensionW
PathRemoveExtensionW
SendMessageW
EndDialog
SetDlgItemTextA
GetDlgItemTextA
PostMessageW
MessageBoxIndirectW
PE exports
Number of PE resources by type
RT_STRING 2
RT_DIALOG 1
Number of PE resources by language
ENGLISH UK 2
ENGLISH US 1
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

TimeStamp
2012:06:28 16:42:10+01:00

FileType
Win32 DLL

PEType
PE32

CodeSize
34304

LinkerVersion
9.0

EntryPoint
0x8e8f

InitializedDataSize
22016

SubsystemVersion
5.0

ImageVersion
0.0

OSVersion
5.0

UninitializedDataSize
0

Compressed bundles
File identification
MD5 7253dccf9056ed537549ad78fc5a6081
SHA1 1dbbd52146607f94b65b4c031afee3b549f2090c
SHA256 ea29965d45a1e4410a8d57e8f3d420e92bfb74a2f05c6eb7e5b0b0f23a7f2aef
ssdeep
1536:Gkaz+bzygyXdbwRqQkxEDqMOK+l95MRkurfWz:NM+nygymXz9OKRjWz

authentihash 05614430bd9f66f3c19e29e50f41f726247b4dbeb760d58c040c3ba6461ec274
imphash 92ac9ee9ef8a1994e8aac0f8b930b7a0
File size 51.5 KB ( 52736 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags
pedll

VirusTotal metadata
First submission 2012-07-03 10:08:34 UTC ( 6 years, 8 months ago )
Last submission 2012-07-03 10:08:34 UTC ( 6 years, 8 months ago )
File names 330674C600B25D70CE3C003E81E99800A16FF08B.dll
in_mp4.dll
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!