SHA256: f3dd324976c489d54251886bc98da101c122b0d98b5653f1d9b3a9a9c23a3ec6
File name: atstreeview.dll
Detection ratio: 0 / 40
Analysis date: 2009-05-29 02:41:18 UTC ( 9 years, 11 months ago )
Antivirus Result Update
a-squared 20090529
AhnLab-V3 20090528
AntiVir 20090528
Antiy-AVL 20090527
Authentium 20090529
Avast 20090529
AVG 20090528
BitDefender 20090529
CAT-QuickHeal 20090528
ClamAV 20090529
Comodo 20090528
DrWeb 20090529
eSafe 20090527
eTrust-Vet 20090528
F-Prot 20090529
F-Secure 20090529
Fortinet 20090528
GData 20090529
Ikarus 20090529
K7AntiVirus 20090528
McAfee 20090528
McAfee+Artemis 20090528
McAfee-GW-Edition 20090528
Microsoft 20090528
NOD32 20090528
NOD32Beta 20090528
Norman 20090528
nProtect 20090528
Panda 20090528
PCTools 20090521
Prevx 20090529
Rising 20090527
Sophos AV 20090529
Sunbelt 20090528
Symantec 20090529
TheHacker 20090529
TrendMicro 20090528
VBA32 20090527
ViRobot 20090528
VirusBuster 20090528
The file being studied is a Portable Executable file! More specifically, it is an unknown file.
PE header basic information
Number of sections 5
PE sections
PE imports
GlobalUnlock
GlobalLock
GlobalAlloc
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetFileAttributesW
GetVersion
LoadLibraryW
GetLastError
SetLastError
GetModuleFileNameW
OutputDebugStringA
MultiByteToWideChar
LoadLibraryA
DisableThreadLibraryCalls
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
Sleep
InterlockedExchange
IsDebuggerPresent
__0_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAE@XZ
__0_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAE@PBD@Z
__0_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAE@ABV01@@Z
__1_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAE@XZ
__4_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAEAAV01@PBD@Z
__clean_type_info_names_internal
_except_handler4_common
__type_info_dtor_internal_method@type_info@@QAEXXZ
_unlock
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
__dllonexit
_lock
_onexit
_crt_debugger_hook
__CppXcptFilter
_encoded_null
strchr
__3@YAXPAX@Z
__1exception@std@@UAE@XZ
__0exception@std@@QAE@ABQBD@Z
__CxxFrameHandler3
_what@exception@std@@UBEPBDXZ
__0exception@std@@QAE@XZ
_splitpath
_CxxThrowException
__0exception@std@@QAE@ABV01@@Z
__2@YAPAXI@Z
memmove_s
_except_handler3
calloc
memcpy
free
___V@YAXPAX@Z
_terminate@@YAXXZ
_encode_pointer
_malloc_crt
DoDragDrop
SHBindToParent
SHGetDesktopFolder
SHGetMalloc
SHGetFileInfoA
DestroyWindow
GetMessagePos
DefWindowProcA
CallWindowProcA
GetKeyState
DestroyIcon
SetScrollInfo
GetScrollInfo
CreatePopupMenu
TrackPopupMenu
CreateWindowExA
RegisterClassA
GetWindowLongA
SetWindowLongA
ScreenToClient
InvalidateRect
ShowWindow
MoveWindow
GetClientRect
SendMessageA
LoadCursorA
CarbonBlack
CarbonBlack acts as a surveillance camera for computers.
While monitoring an end-user machine in the wild, CarbonBlack noticed that the following files in execution wrote this sample to disk.
Compressed bundles
File identification
MD5 6750115d85c76f5c171117984cddb08b
SHA1 88d6628d7b4afdf1cc15a06832f709f2c336b151
SHA256 f3dd324976c489d54251886bc98da101c122b0d98b5653f1d9b3a9a9c23a3ec6
ssdeep
768:K92xLcHmqDLGcjOQa2Kf6yOyrjcCfa6MMFbhP+9WTQCaAeunMMd/fFdQOK2cuARR:K926pXfjwTf6PMNhP+DAeuVeOK2cuARR

File size 46.0 KB ( 47104 bytes )
File type unknown
Magic literal

TrID
VirusTotal metadata
First submission 2009-05-29 02:41:18 UTC ( 9 years, 11 months ago )
Last submission 2009-05-29 02:41:18 UTC ( 9 years, 11 months ago )
File names atstreeview.dll
aa