× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: f04cd609d31810bf5e770808cf6e45e299b8b06792ca1059ed4691bfc5ff1269
File name: Stub.dll
Detection ratio: 14 / 54
Analysis date: 2016-08-04 13:07:45 UTC ( 1 year, 9 months ago ) View latest
Antivirus Result Update
AhnLab-V3 Trojan/Win32.Dofoil.C254699 20160804
Avast Sf:Bot-A [Trj] 20160804
Avira (no cloud) TR/Crypt.XPACK.Gen 20160804
AVware Trojan-Downloader.Win32.Zurgop.br (v) 20160804
Baidu Win32.Trojan-Downloader.Agent.bc 20160804
DrWeb BackDoor.Tishop.122 20160804
ESET-NOD32 a variant of Win32/TrojanDownloader.Zurgop.BR 20160804
Ikarus Trojan-Downloader.Win32.Zurgop 20160804
McAfee Agent-FEY!C52F0BF75BEB 20160804
McAfee-GW-Edition Agent-FEY!C52F0BF75BEB 20160804
Microsoft TrojanDownloader:Win32/Dofoil.T 20160804
Panda Trj/Genetic.gen 20160803
Qihoo-360 HEUR/QVM39.1.0000.Malware.Gen 20160804
VIPRE Trojan-Downloader.Win32.Zurgop.br (v) 20160804
Ad-Aware 20160804
AegisLab 20160804
Alibaba 20160804
ALYac 20160804
Antiy-AVL 20160804
Arcabit 20160804
AVG 20160804
BitDefender 20160804
Bkav 20160804
CAT-QuickHeal 20160803
ClamAV 20160804
CMC 20160804
Comodo 20160804
Cyren 20160804
Emsisoft 20160804
F-Prot 20160804
F-Secure 20160804
Fortinet 20160804
GData 20160804
Jiangmin 20160804
K7AntiVirus 20160804
K7GW 20160804
Kaspersky 20160804
Kingsoft 20160804
Malwarebytes 20160804
eScan 20160804
NANO-Antivirus 20160804
nProtect 20160804
Sophos AV 20160804
SUPERAntiSpyware 20160804
Symantec 20160804
Tencent 20160804
TheHacker 20160804
TrendMicro 20160804
TrendMicro-HouseCall 20160804
VBA32 20160804
ViRobot 20160803
Yandex 20160803
Zillya 20160804
Zoner 20160804
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1992-06-19 22:22:17
Entry Point 0x00004678
Number of sections 7
PE sections
PE exports
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
dll

TimeStamp
1992:06:19 23:22:17+01:00

FileType
Win32 DLL

PEType
PE32

CodeSize
14336

LinkerVersion
2.25

EntryPoint
0x4678

InitializedDataSize
6656

SubsystemVersion
4.0

ImageVersion
0.0

OSVersion
4.0

UninitializedDataSize
0

File identification
MD5 c52f0bf75bebf12a2e7a65b8c8af72d4
SHA1 1ae36640ffbdf0949e51597c95d1ae0ba0e9b148
SHA256 f04cd609d31810bf5e770808cf6e45e299b8b06792ca1059ed4691bfc5ff1269
ssdeep
384:VHSX5TXyTkadDbYXINxBQ97pUGAuko0jh4MlslD1Xf94X:VyX5mTkaVbyiQ9ph0t4Mlo1Xfa

authentihash 5746ab1749e2988f0ae8122e1f48c6fbbe1ae1b9f730ef35e85c143c7a945a17
File size 21.5 KB ( 22016 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.3%)
Win32 Executable (generic) (26.2%)
Win16/32 Executable Delphi generic (12.0%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
pedll

VirusTotal metadata
First submission 2016-08-04 13:07:45 UTC ( 1 year, 9 months ago )
Last submission 2016-08-04 13:07:45 UTC ( 1 year, 9 months ago )
File names Stub.dll
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!