SHA256: eb5d141efd853a8c2d8e3809d0322e8f84b80d1d773f27012aa06e7be0153c74
File name: iscsicpl.exe
Detection ratio: 7 / 56
Analysis date: 2016-04-01 14:02:54 UTC (3 years, 1 month ago)
Antivirus Result Update
AhnLab-V3 Win-Trojan/Teslacrypt.Gen 20160401
AVG Win32/Heim 20160401
Baidu Win32.Trojan.WisdomEyes.151026.9950.9987 20160331
Malwarebytes Ransom.TeslaCrypt 20160401
McAfee-GW-Edition BehavesLike.Win32.Pate.fc 20160401
Qihoo-360 HEUR/QVM20.1.0000.Malware.Gen 20160401
Rising PE:Malware.XPACK-LNR/Heur!1.5594 [F] 20160401
Ad-Aware 20160401
AegisLab 20160401
Alibaba 20160401
ALYac 20160401
Antiy-AVL 20160401
Arcabit 20160401
Avast 20160401
Avira (no cloud) 20160401
AVware 20160401
Baidu-International 20160401
BitDefender 20160401
Bkav 20160401
CAT-QuickHeal 20160401
ClamAV 20160401
CMC 20160322
Comodo 20160401
Cyren 20160401
DrWeb 20160401
Emsisoft 20160401
ESET-NOD32 20160401
F-Prot 20160401
F-Secure 20160401
Fortinet 20160401
GData 20160401
Ikarus 20160401
Jiangmin 20160401
K7AntiVirus 20160401
K7GW 20160401
Kaspersky 20160401
Kingsoft 20160401
McAfee 20160401
Microsoft 20160401
eScan 20160401
NANO-Antivirus 20160401
nProtect 20160401
Panda 20160331
Sophos AV 20160401
SUPERAntiSpyware 20160401
Symantec 20160331
Tencent 20160401
TheHacker 20160330
TrendMicro 20160401
TrendMicro-HouseCall 20160401
VBA32 20160401
VIPRE 20160401
ViRobot 20160401
Yandex 20160316
Zillya 20160401
Zoner 20160401
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
FileVersionInfo properties
Copyright © Microsoft Corporation. All rights reserved.
Product Microsoft® Windows® Operating System
Original name BluetoothApis.DLL
Internal name BluetoothApis
File version 10.0.10240.16384 (th1.150709-1700)
Description Bluetooth Usermode Api host
Packers identified
F-PROT embedded
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-04-01 14:35:05
Entry Point 0x00038670
Number of sections 5
PE sections
PE imports
ClusterResourceTypeCloseEnum
ClusterRegSetValue
OpenCluster
OfflineClusterResource
ClusterNodeControl
GetClusterKey
RemoveClusterResourceNode
SetBkColor
SetEnhMetaFileBits
CallNamedPipeW
GetPrivateProfileSectionNamesA
GetStdHandle
GetConsoleOutputCP
ReleaseMutex
GetFileAttributesA
SetEvent
PurgeComm
HeapDestroy
IsValidLocale
GetHandleInformation
ScrollConsoleScreenBufferW
GetProcessId
FreeEnvironmentStringsA
DisconnectNamedPipe
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
LocalAlloc
MapViewOfFileEx
EnumSystemLocalesW
GetVolumePathNamesForVolumeNameA
FreeEnvironmentStringsW
lstrcatW
GetLocaleInfoW
WaitCommEvent
EnumResourceLanguagesW
GetCPInfo
WaitForDebugEvent
IsSystemResumeAutomatic
SetTimerQueueTimer
RequestDeviceWakeup
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
SetConsoleCursorInfo
GetThreadTimes
Thread32First
WritePrivateProfileStructW
GetStringTypeW
GetConsoleSelectionInfo
GetDriveTypeA
LocalFree
GetLogicalDriveStringsA
InitializeCriticalSection
LoadResource
FindFirstVolumeMountPointW
OutputDebugStringW
FindClose
InterlockedDecrement
QueryDosDeviceW
MoveFileW
EnumDateFormatsA
GetStringTypeExA
CreateDirectoryExA
GetSystemInfo
UpdateResourceW
CancelTimerQueueTimer
TryEnterCriticalSection
IsDebuggerPresent
HeapAlloc
ReadConsoleInputW
FlushFileBuffers
GetModuleFileNameA
SetConsoleScreenBufferSize
lstrcmpiW
EnumCalendarInfoA
EnumSystemLocalesA
InterlockedExchangeAdd
SetConsoleCtrlHandler
GetUserDefaultLCID
SetHandleCount
CreateActCtxA
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
FatalAppExitA
CreateMutexA
GetModuleHandleA
SetFileAttributesW
LockFileEx
CreateSemaphoreA
TlsSetValue
GetSystemDirectoryW
DeleteCriticalSection
SetUnhandledExceptionFilter
OutputDebugStringA
SetEnvironmentVariableA
GlobalMemoryStatus
CreateSemaphoreW
WriteConsoleA
GetProcessShutdownParameters
GlobalAlloc
DebugActiveProcess
LocalFileTimeToFileTime
FindAtomA
SetLastError
GetTickCount
GetCurrentThreadId
LeaveCriticalSection
SetCurrentDirectoryA
WriteConsoleW
ReadConsoleOutputA
CreateToolhelp32Snapshot
HeapFree
EnterCriticalSection
GetConsoleFontSize
GlobalGetAtomNameW
CreateMailslotW
FreeLibrary
QueryPerformanceCounter
GetNumberOfConsoleInputEvents
TlsAlloc
VirtualProtect
GetVersionExA
LoadLibraryA
DeleteFileA
RtlUnwind
GetStartupInfoA
GetDateFormatA
Heap32ListFirst
LCMapStringW
SetProcessPriorityBoost
SetCommMask
GetStartupInfoW
ReadProcessMemory
CreateDirectoryW
WaitForMultipleObjects
FillConsoleOutputAttribute
CompareStringW
GetFileSizeEx
GetBinaryTypeW
ExpandEnvironmentStringsW
GlobalFix
lstrcpyA
EnumResourceNamesA
CompareStringA
CreateWaitableTimerA
FindFirstFileW
TerminateProcess
GetProcAddress
GetTimeZoneInformation
FindFirstVolumeA
OpenJobObjectW
CreateFileW
GetConsoleWindow
GlobalFindAtomA
WriteProfileSectionW
GetFileType
ReadConsoleOutputW
CreateFileA
ExitProcess
GetCurrencyFormatW
InterlockedIncrement
GetNativeSystemInfo
GetLastError
AttachConsole
LocalReAlloc
FlushConsoleInputBuffer
SetStdHandle
HeapCreate
CreateNamedPipeW
GetConsoleCP
LCMapStringA
HeapReAlloc
CreateHardLinkA
GetEnvironmentStringsW
VirtualQuery
Sleep
FileTimeToLocalFileTime
GetEnvironmentStrings
WritePrivateProfileStringA
GetCurrentProcessId
WaitNamedPipeW
CopyFileExA
WideCharToMultiByte
GetAtomNameW
GetCommandLineA
CopyFileExW
GetStringTypeA
GetCurrentThread
EnumSystemCodePagesW
SetFirmwareEnvironmentVariableW
RaiseException
ZombifyActCtx
TlsFree
SetFilePointer
ReadFile
SetComputerNameW
CloseHandle
GetTimeFormatA
GetACP
GetCommConfig
GetModuleHandleW
WriteConsoleOutputCharacterW
DnsHostnameToComputerNameW
IsValidCodePage
ResetWriteWatch
VirtualFree
TransactNamedPipe
OpenEventA
VirtualAlloc
GetOEMCP
CreateHardLinkW
MprInfoBlockAdd
MprAdminConnectionClearStats
MprAdminDeviceEnum
VarBoolFromI1
VarCyFromI1
DragAcceptFiles
Shell_NotifyIconW
ExtractIconExA
AnimateWindow
wsprintfA
SetWindowLongW
IsWindow
CreateMDIWindowW
GetLastActivePopup
LoadMenuA
ShowWindow
MessageBoxW
EnableMenuItem
SetCursor
PdhCollectQueryDataEx
PdhCloseQuery
PdhParseCounterPathW
PdhAddCounterA
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
ExifTool file metadata
SubsystemVersion 5.0
LinkerVersion 0.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 10.0.10240.16384
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 61440
EntryPoint 0x38670
OriginalFileName BluetoothApis.DLL
MIMEType application/octet-stream
LegalCopyright Microsoft Corporation. All rights reserved.
FileVersion 10.0.10240.16384 (th1.150709-1700)
TimeStamp 2016:04:01 15:35:05+01:00
FileType Win32 EXE
PEType PE32
InternalName BluetoothApis
ProductVersion 10.0.10240.16384
FileDescription Bluetooth Usermode Api host
OSVersion 5.0
FileOS Windows NT 32-bit
Subsystem Windows command line
MachineType Intel 386 or later, and compatibles
CompanyName Microsoft Corporation
CodeSize 270336
ProductName Microsoft Windows Operating System
ProductVersionNumber 10.0.10240.16384
FileTypeExtension exe
ObjectFileType Executable application
File identification
MD5 63fce83451fe7fc783c66290285aac74
SHA1 15128c0d9972597783301534c0bde514c4e4646e
SHA256 eb5d141efd853a8c2d8e3809d0322e8f84b80d1d773f27012aa06e7be0153c74
ssdeep 6144:KlFz1O8ozbXz/LDvIbd+axeOlIZ+fl0fgVb+2UxnODagRmnR2S3:K3xX0X/DkdbxeBm0fgpbeODNA
authentihash a360eec1ecc0f6259dab4827275536c647a83a59f341c0e7be3383d614d595c3
imphash 6dedeb4c900cd63258c9e8331919d42b
File size 312.0 KB ( 319488 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (console) Intel 80386 32-bit
TrID Win64 Executable (generic) (76.4%)
Win32 Executable (generic) (12.4%)
Generic Win/DOS Executable (5.5%)
DOS Executable Generic (5.5%)
Tags peexe
VirusTotal metadata
First submission 2016-04-01 14:02:54 UTC ( 3 years, 1 month ago )
Last submission 2016-04-01 14:02:54 UTC ( 3 years, 1 month ago )
File names BluetoothApis
iscsicpl.exe
BluetoothApis.DLL