× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: f7a9f479980d1f856dd85a1dfaa9c7e3184ada3e19ddd61cfaf799d00dd33efe
File name: Oe3cTld33aTOQyLh.tdb.bin
Detection ratio: 15 / 56
Analysis date: 2016-11-25 10:31:13 UTC ( 2 years, 4 months ago ) View latest
Antivirus Result Update
Ad-Aware Gen:Variant.Zusy.212834 20161125
AhnLab-V3 Trojan/Win32.Locky.C1683244 20161125
Arcabit Trojan.Zusy.D33F62 20161125
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9995 20161125
BitDefender Gen:Variant.Zusy.212834 20161125
Bkav W32.eHeur.Malware09 20161124
CrowdStrike Falcon (ML) malicious_confidence_84% (D) 20161024
ESET-NOD32 a variant of Win32/GenKryptik.LKI 20161125
Sophos ML trojandownloader.win32.renos.pt 20161018
eScan Gen:Variant.Zusy.212834 20161125
Panda Trj/Genetic.gen 20161124
Qihoo-360 HEUR/QVM39.1.0000.Malware.Gen 20161125
Rising Malware.Generic!glWY3GR55jR@2 (thunder) 20161125
TrendMicro Ransom_HPLOCKY.SM91 20161125
TrendMicro-HouseCall Ransom_HPLOCKY.SM91 20161125
AegisLab 20161125
Alibaba 20161125
ALYac 20161125
Antiy-AVL 20161125
Avast 20161125
AVG 20161125
Avira (no cloud) 20161125
AVware 20161125
CAT-QuickHeal 20161125
ClamAV 20161125
CMC 20161125
Comodo 20161125
Cyren 20161125
DrWeb 20161125
F-Prot 20161125
F-Secure 20161125
Fortinet 20161125
GData 20161125
Ikarus 20161125
Jiangmin 20161124
K7AntiVirus 20161125
K7GW 20161125
Kaspersky 20161125
Kingsoft 20161125
Malwarebytes 20161125
McAfee 20161125
McAfee-GW-Edition 20161125
Microsoft 20161125
NANO-Antivirus 20161125
nProtect 20161125
Sophos AV 20161125
SUPERAntiSpyware 20161125
Symantec 20161125
Tencent 20161125
TheHacker 20161124
TotalDefense 20161125
Trustlook 20161125
VBA32 20161124
VIPRE 20161125
ViRobot 20161125
WhiteArmor 20161125
Yandex 20161124
Zillya 20161124
Zoner 20161125
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 1998-2013 VMware, Inc.

Product VMware Workstation
Original name adjperm.DLL
Internal name adjperm
File version 10.0.1 build-1379776
Description adjperm DLL
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-11-25 07:52:47
Entry Point 0x000117D0
Number of sections 7
PE sections
Overlays
MD5 50990e9ed6e1f109bf8efc395cde64fc
File type data
Offset 143872
Size 10491
Entropy 7.98
PE imports
GetLastError
InitializeCriticalSection
HeapFree
GetStdHandle
EnterCriticalSection
LCMapStringW
SetHandleCount
GetSystemInfo
WaitForSingleObject
GetOEMCP
QueryPerformanceCounter
HeapDestroy
GetTickCount
IsBadWritePtr
TlsAlloc
GetEnvironmentStringsW
GetVersionExA
LoadLibraryA
RtlUnwind
GetModuleFileNameA
FreeLibrary
GetACP
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetEnvironmentStrings
GetCurrentProcessId
CreateSemaphoreA
DeleteFileA
GetCPInfo
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
HeapSize
FreeEnvironmentStringsW
SetEvent
GetCommandLineA
GetProcAddress
TlsFree
IsBadReadPtr
GetTempPathA
RaiseException
ReleaseSemaphore
CreateThread
GetStringTypeA
GetModuleHandleA
ReadFile
SetUnhandledExceptionFilter
InterlockedExchange
IsBadCodePtr
WriteFile
GetStartupInfoA
CloseHandle
GetTempFileNameA
ExitThread
HeapReAlloc
GetStringTypeW
WaitForMultipleObjects
SetFileAttributesA
HeapAlloc
TerminateProcess
LCMapStringA
WideCharToMultiByte
ResetEvent
GetVersion
GetEnvironmentVariableA
HeapCreate
VirtualFree
CreateEventA
InterlockedDecrement
GetFileType
TlsSetValue
CreateFileA
ExitProcess
GetCurrentThreadId
InterlockedIncrement
VirtualAlloc
LocalAlloc
SetLastError
LeaveCriticalSection
SendMessageA
CharLowerA
CharUpperA
CharLowerW
CharUpperW
exit
__set_app_type
Number of PE resources by type
RT_BITMAP 2
RT_VERSION 1
Number of PE resources by language
ENGLISH US 3
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
40960

LinkerVersion
2.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
10.0.1.41495

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

FileDescription
adjperm DLL

ImageFileCharacteristics
Executable, Large address aware, 32-bit, DLL

CharacterSet
Unicode

InitializedDataSize
29696

EntryPoint
0x117d0

OriginalFileName
adjperm.DLL

MIMEType
application/octet-stream

LegalCopyright
Copyright 1998-2013 VMware, Inc.

FileVersion
10.0.1 build-1379776

TimeStamp
2016:11:25 08:52:47+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
adjperm

ProductVersion
10.0.1 build-1379776

SubsystemVersion
5.1

OSVersion
5.1

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
VMware, Inc.

CodeSize
113152

ProductName
VMware Workstation

ProductVersionNumber
10.0.1.41495

FileTypeExtension
dll

ObjectFileType
Dynamic link library

Compressed bundles
File identification
MD5 56335576be664fdc99f0901b0011ac7d
SHA1 5e1501d3d1961380981c31740c024e74ba00e622
SHA256 f7a9f479980d1f856dd85a1dfaa9c7e3184ada3e19ddd61cfaf799d00dd33efe
ssdeep
3072:CYOYO5j5N7gjkag2N6rbfJCn/leRTMxLztObVl:CzjhgwavAASTMxlA

authentihash 0afd57dfb27891f6eb1cc705811384d0da7dc79c62a9225cc196834133ab3f0a
imphash 8123cf446dc1115a8af19f2b33d09537
File size 150.7 KB ( 154363 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags
pedll overlay

VirusTotal metadata
First submission 2016-11-25 10:31:13 UTC ( 2 years, 4 months ago )
Last submission 2017-08-04 03:37:56 UTC ( 1 year, 8 months ago )
File names adjperm.DLL
Oe3cTld33aTOQyLh.tdb.bin
adjperm
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!