× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: ebd115eb2a0198350b158bd1aa207c7920db4f784119d9ac14f55a19ba760b88
File name: e499b41403337ae51cb2a7c23b14e175
Detection ratio: 4 / 66
Analysis date: 2018-05-30 14:01:21 UTC ( 6 months, 2 weeks ago ) View latest
Antivirus Result Update
Cylance Unsafe 20180530
Endgame malicious (high confidence) 20180507
Fortinet W64/Kryptik.BIW!tr 20180530
Sophos ML heuristic 20180503
Ad-Aware 20180530
AegisLab 20180530
AhnLab-V3 20180530
Alibaba 20180530
ALYac 20180530
Antiy-AVL 20180530
Arcabit 20180530
Avast 20180530
Avast-Mobile 20180530
AVG 20180530
Avira (no cloud) 20180530
AVware 20180530
Babable 20180406
Baidu 20180530
BitDefender 20180530
Bkav 20180530
CAT-QuickHeal 20180530
ClamAV 20180530
CMC 20180529
Comodo 20180530
CrowdStrike Falcon (ML) 20180202
Cybereason None
Cyren 20180530
DrWeb 20180530
eGambit 20180530
Emsisoft 20180530
ESET-NOD32 20180530
F-Prot 20180530
F-Secure 20180530
GData 20180530
Ikarus 20180529
Jiangmin 20180530
K7AntiVirus 20180530
K7GW 20180530
Kaspersky 20180530
Kingsoft 20180530
Malwarebytes 20180530
MAX 20180530
McAfee 20180530
McAfee-GW-Edition 20180530
Microsoft 20180530
eScan 20180530
NANO-Antivirus 20180530
nProtect 20180530
Palo Alto Networks (Known Signatures) 20180530
Panda 20180530
Qihoo-360 20180530
Rising 20180530
SentinelOne (Static ML) 20180225
Sophos AV 20180530
SUPERAntiSpyware 20180530
Symantec 20180530
Symantec Mobile Insight 20180525
Tencent 20180530
TheHacker 20180524
TotalDefense 20180530
TrendMicro 20180530
TrendMicro-HouseCall 20180530
Trustlook 20180530
VBA32 20180530
VIPRE 20180530
ViRobot 20180530
Webroot 20180530
Yandex 20180529
Zillya 20180530
ZoneAlarm by Check Point 20180530
Zoner 20180530
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem that targets 64bit architectures.
PE header basic information
Target machine x64
Compilation timestamp 2018-05-30 11:11:22
Entry Point 0x000015E0
Number of sections 9
PE sections
PE imports
lstrcpyA
GetModuleHandleW
I_RpcGetExtendedError
GetTabbedTextExtentW
isalpha
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
AMD AMD64

FileTypeExtension
dll

TimeStamp
2018:05:30 12:11:22+01:00

FileType
Win64 DLL

PEType
PE32+

CodeSize
0

LinkerVersion
12.0

EntryPoint
0x15e0

InitializedDataSize
679936

SubsystemVersion
5.0

ImageVersion
0.0

OSVersion
5.0

UninitializedDataSize
0

File identification
MD5 e499b41403337ae51cb2a7c23b14e175
SHA1 c5a18a0631d9fc2dbb3951c6782af26fc20fca18
SHA256 ebd115eb2a0198350b158bd1aa207c7920db4f784119d9ac14f55a19ba760b88
ssdeep
12288:Znfq943cv9VeGdrVZxM27BOr69gFmqndQh9:v3cvjeGFVZxM2xuoqq

authentihash 6b80612d2fc6e5f48e878d142293ae66c94fcf9361daf85e599e690cde8b31ac
imphash 0274b181afd9275e4a9b5d9982692281
File size 644.0 KB ( 659456 bytes )
File type Win32 DLL
Magic literal
PE32+ executable for MS Windows (DLL) (GUI) Mono/.Net assembly

TrID OS/2 Executable (generic) (33.6%)
Generic Win/DOS Executable (33.1%)
DOS Executable Generic (33.1%)
Tags
64bits assembly pedll

VirusTotal metadata
First submission 2018-05-30 14:01:21 UTC ( 6 months, 2 weeks ago )
Last submission 2018-05-30 14:01:21 UTC ( 6 months, 2 weeks ago )
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!