SHA256: f8481d025fc86efc197bb1e2c54b20c5e21f737bd37040615cccc851a8bc6ccf
File name: x3NzzWXgCcwO.tdb
Detection ratio: 6 / 54
Analysis date: 2016-11-28 10:31:51 UTC ( 2 years, 4 months ago )
Antivirus Result Update
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9974 20161128
Bkav W32.eHeur.Malware09 20161128
Sophos ML trojan.win32.necurs.a 20161018
Kaspersky UDS:DangerousObject.Multi.Generic 20161128
Qihoo-360 HEUR/QVM39.1.0000.Malware.Gen 20161128
Rising Malware.Generic!glWY3GR55jR@2 (thunder) 20161128
Ad-Aware 20161128
AegisLab 20161128
AhnLab-V3 20161128
Alibaba 20161125
ALYac 20161128
Antiy-AVL 20161128
Arcabit 20161128
AVG 20161128
AVware 20161128
BitDefender 20161128
CAT-QuickHeal 20161128
ClamAV 20161128
CMC 20161128
Comodo 20161128
CrowdStrike Falcon (ML) 20161024
Cyren 20161128
DrWeb 20161128
Emsisoft 20161128
ESET-NOD32 20161128
F-Prot 20161128
F-Secure 20161128
Fortinet 20161128
GData 20161128
Jiangmin 20161128
K7AntiVirus 20161128
K7GW 20161128
Kingsoft 20161128
Malwarebytes 20161128
McAfee 20161128
McAfee-GW-Edition 20161128
Microsoft 20161128
eScan 20161128
NANO-Antivirus 20161128
nProtect 20161128
Panda 20161127
Sophos AV 20161128
SUPERAntiSpyware 20161128
Symantec 20161128
Tencent 20161128
TheHacker 20161126
TotalDefense 20161128
TrendMicro 20161128
TrendMicro-HouseCall 20161128
Trustlook 20161128
VBA32 20161125
VIPRE 20161128
ViRobot 20161128
WhiteArmor 20161125
Yandex 20161127
Zillya 20161125
Zoner 20161128
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
License: MPL 2

Product Firefox
Original name libEGL.dll
File version 46.0.1
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-11-28 06:46:37
Entry Point 0x000232D4
Number of sections 7
PE sections
Overlays
MD5 10e94cdc6d7037b333298d22587e8c27
File type data
Offset 273408
Size 13324
Entropy 7.99
PE imports
AbortPath
AnimatePalette
AddFontMemResourceEx
AngleArc
SetThreadLocale
GetStdHandle
GetDriveTypeW
WaitForSingleObject
HeapDestroy
GetFileAttributesW
GetLocalTime
DeleteCriticalSection
LocalAlloc
EnumSystemLocalesW
OpenFileMappingA
GetLocaleInfoW
GetCPInfo
GetDiskFreeSpaceW
InterlockedExchange
WriteFile
SetEvent
LocalFree
FormatMessageW
GetEnvironmentVariableA
OutputDebugStringW
FindClose
TlsGetValue
GetFullPathNameW
OutputDebugStringA
SetLastError
GetUserDefaultUILanguage
InitializeCriticalSection
GetModuleFileNameW
TryEnterCriticalSection
IsDebuggerPresent
HeapAlloc
GetModuleFileNameA
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
EnumCalendarInfoW
GetPrivateProfileStringW
InterlockedExchangeAdd
GetSystemDefaultUILanguage
InterlockedDecrement
SetCurrentDirectoryW
VirtualQuery
VirtualQueryEx
SetEndOfFile
GetCurrentThreadId
LeaveCriticalSection
HeapFree
EnterCriticalSection
LoadLibraryW
GetVersionExW
FreeLibrary
QueryPerformanceCounter
GetTickCount
TlsAlloc
VirtualProtect
LoadLibraryA
RtlUnwind
GetFileSize
DeleteFileA
GetDateFormatW
GetStartupInfoW
CreateDirectoryW
DeleteFileW
CompareStringW
RemoveDirectoryW
ResetEvent
CreateFileMappingA
FindFirstFileW
IsValidLocale
CreateEventW
CreateFileW
TlsSetValue
CreateFileA
ExitProcess
InterlockedIncrement
GetLastError
HeapCreate
GetSystemInfo
GetThreadLocale
lstrlenW
VirtualFree
GetCPInfoExW
GetCurrentDirectoryW
GetCommandLineW
WideCharToMultiByte
HeapSize
GetCommandLineA
InterlockedCompareExchange
WritePrivateProfileStringW
lstrcpynW
RaiseException
MapViewOfFile
TlsFree
SetFilePointer
ReadFile
CloseHandle
GetACP
GetModuleHandleW
SwitchToThread
GetLongPathNameW
UnmapViewOfFile
GetTempPathW
CreateProcessW
Sleep
VirtualAlloc
CharLowerBuffW
GetSystemMetrics
MessageBoxW
DestroyIcon
CharUpperW
SendMessageA
LoadStringW
MessageBoxA
CharLowerW
CharUpperBuffW
LoadImageW
CharNextW
exit
__set_app_type
Number of PE resources by type
RT_BITMAP 2
RT_VERSION 1
Number of PE resources by language
ENGLISH US 3
PE resources
Debug information
ExifTool file metadata
CodeSize
195072

UninitializedDataSize
40960

LinkerVersion
2.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
46.0.1.5966

LanguageCode
Neutral

FileFlagsMask
0x0000

ImageFileCharacteristics
Executable, Large address aware, 32-bit, DLL

CharacterSet
Unicode

InitializedDataSize
77312

EntryPoint
0x232d4

OriginalFileName
libEGL.dll

MIMEType
application/octet-stream

LegalCopyright
License: MPL 2

FileVersion
46.0.1

TimeStamp
2016:11:28 07:46:37+01:00

FileType
Win32 DLL

PEType
PE32

ProductVersion
46.0.1

SubsystemVersion
5.1

OSVersion
5.1

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Mozilla Foundation

BuildID
20160502172042

LegalTrademarks
Mozilla

ProductName
Firefox

ProductVersionNumber
46.0.1.5966

FileTypeExtension
dll

ObjectFileType
Dynamic link library

Compressed bundles
File identification
MD5 3f51e79f2170f107259561920871efbc
SHA1 a72cdc4f92b1a3331fec5a412b56599a8f136b00
SHA256 f8481d025fc86efc197bb1e2c54b20c5e21f737bd37040615cccc851a8bc6ccf
ssdeep 3072:zIxIp6BJJuk+husXhkaP9DajsvYKVdvSnXH3nXH3nXH0kUE0kUEqh6iE:zIxIgBJP+cBiGYYKnQZ

authentihash 9ae38b1767059b7ad30aefd18def269878b0a8351fa939b1df8fb838e01ab5da
imphash 95ef5b164882d4e6a3ac1c134e139781
File size 280.0 KB ( 286732 bytes )
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (64.5%)
Win32 Dynamic Link Library (generic) (13.6%)
Win32 Executable (generic) (9.3%)
OS/2 Executable (generic) (4.1%)
Generic Win/DOS Executable (4.1%)
Tags
pedll overlay

VirusTotal metadata
First submission 2016-11-28 10:31:51 UTC ( 2 years, 4 months ago )
Last submission 2017-08-04 03:15:59 UTC ( 1 year, 8 months ago )
File names x3NzzWXgCcwO.tdb
a72cdc4f92b1a3331fec5a412b56599a8f136b00
libEGL.dll