× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: f7d1ad9b661cd462c1fa90c5f579c5ef2cfd25c610a6c6cff514c1ee0d121430
File name: PanAuthenticator
Detection ratio: 0 / 65
Analysis date: 2017-09-16 12:22:34 UTC ( 1 year, 7 months ago )
Antivirus Result Update
Ad-Aware 20170916
AegisLab 20170916
AhnLab-V3 20170916
Alibaba 20170911
ALYac 20170916
Antiy-AVL 20170916
Arcabit 20170916
Avast 20170916
Avast-Mobile 20170829
AVG 20170916
Avira (no cloud) 20170916
AVware 20170916
Baidu 20170915
BitDefender 20170916
CAT-QuickHeal 20170916
ClamAV 20170916
CMC 20170916
Comodo 20170916
CrowdStrike Falcon (ML) 20170804
Cylance 20170916
Cyren 20170916
DrWeb 20170916
Emsisoft 20170916
Endgame 20170821
ESET-NOD32 20170916
F-Prot 20170916
F-Secure 20170916
Fortinet 20170916
GData 20170916
Ikarus 20170916
Sophos ML 20170914
Jiangmin 20170916
K7AntiVirus 20170916
K7GW 20170916
Kaspersky 20170916
Kingsoft 20170916
Malwarebytes 20170916
MAX 20170916
McAfee 20170916
McAfee-GW-Edition 20170916
Microsoft 20170916
eScan 20170916
NANO-Antivirus 20170916
nProtect 20170916
Palo Alto Networks (Known Signatures) 20170916
Panda 20170916
Qihoo-360 20170916
Rising 20170916
SentinelOne (Static ML) 20170806
Sophos AV 20170916
SUPERAntiSpyware 20170916
Symantec 20170915
Symantec Mobile Insight 20170915
Tencent 20170916
TheHacker 20170916
TotalDefense 20170916
TrendMicro 20170916
TrendMicro-HouseCall 20170916
Trustlook 20170916
VBA32 20170915
VIPRE 20170916
ViRobot 20170916
Webroot 20170916
WhiteArmor 20170829
Yandex 20170908
Zillya 20170916
ZoneAlarm by Check Point 20170916
Zoner 20170916
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
Copyright (c) Intel Corporation 2007-2011

Product Intel(R) BlueTooth(R) High Speed
Original name PanAuthenticator.dll
Internal name PanAuthenticator
File version 15.6.0.5
Description Intel(R) BlueTooth(R) HS PAN Authenticator
Signature verification Signed file, verified signature
Signing date 2:10 AM 9/13/2012
Signers
[+] Intel Corporation-Mobile Wireless Group
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer Intel External Basic Issuing CA 3B
Valid from 12:53 AM 12/17/2011
Valid to 12:53 AM 12/1/2014
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint 4AB584BBF4C1A1E6DE0CF085583E8EC8EF4C36C7
Serial number 14 FE 8B 8B 00 01 00 00 84 05
[+] Intel External Basic Issuing CA 3B
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer Intel External Basic Policy CA
Valid from 8:27 PM 5/15/2009
Valid to 8:37 PM 5/15/2015
Valid usage All
Algorithm sha1RSA
Thumbprint 06658BA692AB43BC425A902DF5CB9168960679CF
Serial number 61 20 8A 62 00 00 00 00 00 08
[+] Intel External Basic Policy CA
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer Equifax Secure Certificate Authority
Valid from 7:01 PM 2/16/2006
Valid to 7:01 PM 2/19/2016
Valid usage All
Algorithm sha1RSA
Thumbprint 924B357FC7B9D8C9D26E41D4AF4DC6C4BABE90E5
Serial number 05 B0 FF
[+] GeoTrust
Status Valid
Issuer Equifax Secure Certificate Authority
Valid from 5:41 PM 8/22/1998
Valid to 5:41 PM 8/22/2018
Valid usage Email Protection, Server Auth, Code Signing
Algorithm sha1RSA
Thumbprint D23209AD23D314232174E40D7F9D62139786633A
Serial number 35 DE F4 CF
Counter signers
[+] Symantec Time Stamping Services Signer - G3
Status This certificate or one of the certificates in the certificate chain is not time valid., The revocation status of the certificate or one of the certificates in the certificate chain is unknown., Error 65536 (0x10000), The revocation status of the certificate or one of the certificates in the certificate chain is either offline or stale.
Issuer VeriSign Time Stamping Services CA
Valid from 1:00 AM 5/1/2012
Valid to 12:59 AM 1/1/2013
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 8FD99D63FB3AFBD534A4F6E31DACD27F59504021
Serial number 79 A2 A5 85 F9 D1 15 42 13 D9 B8 3E F6 B6 8D ED
[+] VeriSign Time Stamping Services CA
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer Thawte Timestamping CA
Valid from 1:00 AM 12/4/2003
Valid to 12:59 AM 12/4/2013
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint F46AC0C6EFBB8C6A14F55F09E2D37DF4C0DE012D
Serial number 47 BF 19 95 DF 8D 52 46 43 F7 DB 6D 48 0D 31 A4
[+] Thawte Timestamping CA
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 1/1/1997
Valid to 12:59 AM 1/1/2021
Valid usage Timestamp Signing
Algorithm md5RSA
Thumbrint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-09-13 01:09:43
Entry Point 0x0001AFFA
Number of sections 5
PE sections
Overlays
MD5 c84f5dd7c544b5feb203478a6cfc450f
File type data
Offset 361984
Size 6448
Entropy 7.29
PE imports
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
SetMapMode
SaveDC
TextOutA
GetClipBox
GetDeviceCaps
OffsetViewportOrgEx
DeleteDC
RestoreDC
SetTextColor
CreateBitmap
RectVisible
GetStockObject
SetViewportOrgEx
ScaleWindowExtEx
ExtTextOutA
PtVisible
ScaleViewportExtEx
SelectObject
SetWindowExtEx
SetViewportExtEx
Escape
SetBkColor
DeleteObject
GetStdHandle
GetConsoleOutputCP
WaitForSingleObject
HeapDestroy
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
LocalAlloc
FreeEnvironmentStringsW
SetStdHandle
WideCharToMultiByte
GetStringTypeA
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
GetOEMCP
LocalFree
InitializeCriticalSection
LoadResource
GlobalHandle
TlsGetValue
FormatMessageA
OutputDebugStringA
SetLastError
IsDebuggerPresent
ExitProcess
FlushFileBuffers
GetModuleFileNameA
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
GetModuleHandleA
CreateSemaphoreA
CreateThread
GlobalAddAtomA
SetUnhandledExceptionFilter
ExitThread
TerminateProcess
WriteConsoleA
GlobalAlloc
GetCurrentThreadId
InterlockedIncrement
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
SetEvent
QueryPerformanceCounter
GetTickCount
TlsAlloc
GetVersionExA
LoadLibraryA
RtlUnwind
FreeLibrary
GetStartupInfoA
GlobalDeleteAtom
GlobalLock
GlobalReAlloc
lstrcmpA
ResetEvent
lstrcmpW
WaitForMultipleObjects
GetProcAddress
CreateEventA
GlobalFindAtomA
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
LeaveCriticalSection
GetLastError
LocalReAlloc
LCMapStringW
lstrlenA
GlobalFree
GetConsoleCP
LCMapStringA
GlobalGetAtomNameA
GetEnvironmentStringsW
GlobalUnlock
GetEnvironmentStrings
GetCurrentProcessId
LockResource
GetCPInfo
HeapSize
GetCommandLineA
RaiseException
ReleaseSemaphore
TlsFree
SetFilePointer
GlobalFlags
CloseHandle
GetACP
GetModuleHandleW
SizeofResource
IsValidCodePage
HeapCreate
VirtualFree
Sleep
FindResourceA
VirtualAlloc
CompareStringA
VariantChangeType
VariantInit
VariantClear
MapWindowPoints
GetDlgCtrlID
GetForegroundWindow
GetParent
SystemParametersInfoA
SetPropA
SetMenuItemBitmaps
PostQuitMessage
UnhookWindowsHookEx
GetCapture
GetClassInfoExA
DestroyMenu
RegisterWindowMessageA
DefWindowProcA
GetMessagePos
IsWindowEnabled
GetPropA
LoadBitmapA
DrawTextExA
GetWindowThreadProcessId
GetSysColorBrush
GetSystemMetrics
IsIconic
IsWindow
GetWindowRect
DispatchMessageA
EnableWindow
SetMenu
PostMessageA
GrayStringA
MessageBoxA
PeekMessageA
SetWindowPos
AdjustWindowRectEx
SetWindowTextA
GetMessageTime
GetWindow
GetSysColor
GetMenuItemID
SetWindowLongA
DrawTextA
RemovePropA
GetClassInfoA
CheckMenuItem
GetMenu
GetWindowLongA
GetLastActivePopup
PtInRect
GetWindowPlacement
SendMessageA
GetWindowTextA
GetClientRect
GetDlgItem
GetMenuCheckMarkDimensions
WinHelpA
EnableMenuItem
RegisterClassA
GetClassLongA
CallNextHookEx
TabbedTextOutA
GetSubMenu
CreateWindowExA
LoadCursorA
LoadIconA
SetWindowsHookExA
ClientToScreen
GetTopWindow
CopyRect
GetMenuState
ValidateRect
CallWindowProcA
GetClassNameA
GetFocus
GetDC
ReleaseDC
GetMenuItemCount
SetForegroundWindow
ModifyMenuA
GetKeyState
DestroyWindow
OpenPrinterA
DocumentPropertiesA
ClosePrinter
htons
htonl
PE exports
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 2
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
5.0

LinkerVersion
9.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
15.6.0.5

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x0017

CharacterSet
Unicode

InitializedDataSize
177152

EntryPoint
0x1affa

OriginalFileName
PanAuthenticator.dll

MIMEType
application/octet-stream

LegalCopyright
Copyright (c) Intel Corporation 2007-2011

FileVersion
15.6.0.5

TimeStamp
2012:09:13 02:09:43+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
PanAuthenticator

ProductVersion
15.6.0.0

FileDescription
Intel(R) BlueTooth(R) HS PAN Authenticator

OSVersion
5.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Intel(R) Corporation

CodeSize
183808

ProductName
Intel(R) BlueTooth(R) High Speed

ProductVersionNumber
15.6.0.0

FileTypeExtension
dll

ObjectFileType
Dynamic link library

File identification
MD5 031b580b5b98c3e157fcf2305bde9bf3
SHA1 2442eac1b395cb5e51ae151fa708717a037a1567
SHA256 f7d1ad9b661cd462c1fa90c5f579c5ef2cfd25c610a6c6cff514c1ee0d121430
ssdeep
6144:qAFXzOAsWZP9qH0WqfEoMhmqAEveAOAsD4ts:q2XzaH0W2EremsWs

authentihash f105a7a5b345d7da9df76df1ae96956f2ec9a659cf75d25b3c54fcb5ecb8a93f
imphash d28f8c4a8f281dcda0bbdab628a7322c
File size 359.8 KB ( 368432 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags
pedll signed overlay

VirusTotal metadata
First submission 2014-02-27 15:54:55 UTC ( 5 years, 1 month ago )
Last submission 2016-05-28 03:25:16 UTC ( 2 years, 11 months ago )
File names sbs_ve_ambr_20160023214617.422_ 127250
panauthenticator.dll
PanAuthenticator
sbs_ve_ambr_20160020220447.365_ 2167246
{1743639b-ba61-4dc6-b21e-1e2f7f8530da}
031B580B5B98C3E157FCF2305BDE9BF3
{0148697f-ad21-4001-985e-c73435047ebd}
panauthenticator.dll.293f1168_e209_41aa_b879_24858bfdb89d
{18f03461-3e45-4389-8671-b1cb19a2d62c}
{e0da9f9c-d10f-43d0-9be0-abe99043f8a2}
3843406897e464409cab7d8f9512d03e.tmp
sbs_ve_ambr_20160023224656.707_ 137430
{16bb5f2a-239f-49f8-b83f-ae7c8756fcd4}
sbs_ve_ambr_20151018213511.304_ 73400
PanAuthenticator.dll
sbs_ve_ambr_20160110222514.300_ 286834
{730bb36a-64f3-42fa-a304-786b289662fc}
sbs_ve_ambr_20160023220355.868_ 2441232
sbs_ve_ambr_20160025220727.309_ 2748480
{0423bf67-1468-4511-ab82-76da3078ef91}
sbs_ve_ambr_20160025220810.038_ 2755091
f62602a0479e9a4d9d4c309493422ac7.tmp
{d4e5a116-7514-42a0-a0bf-17e659a1dff8}
sbs_ve_ambr_20160108222256.085_ 248278
sbs_ve_ambr_20160020220405.135_ 2160635
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!