SHA256: f8512125a08ee13e779277a25a31d7074ba8dfbfdc8f418d0bc298bb1bc777c2
File name: a008b27209e5f261e4f57d2b22844ead
Detection ratio: 27 / 55
Analysis date: 2014-11-17 06:15:18 UTC ( 4 years, 4 months ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Kazy.496105 20141117
AhnLab-V3 Trojan/Win32.Zbot 20141116
AVG Crypt3.BEWD 20141117
Avira (no cloud) TR/Crypt.ZPACK.94547 20141117
AVware Trojan.Win32.Generic!BT 20141117
BitDefender Gen:Variant.Kazy.496105 20141117
DrWeb Trojan.PWS.Panda.7708 20141117
Emsisoft Gen:Variant.Kazy.496105 (B) 20141117
ESET-NOD32 a variant of Win32/Kryptik.CQGO 20141117
F-Secure Gen:Variant.Kazy.496105 20141116
Fortinet W32/Kryptik.CQAY!tr 20141117
GData Gen:Variant.Kazy.496105 20141117
Ikarus Trojan-Spy.Zbot 20141117
Kaspersky Trojan-Spy.Win32.Zbot.uofs 20141117
Malwarebytes Trojan.Agent.ED 20141117
McAfee RDN/Generic PWS.y!bbt 20141117
McAfee-GW-Edition BehavesLike.Win32.PWSZbot.fm 20141117
Microsoft PWS:Win32/Zbot.gen!VM 20141117
eScan Gen:Variant.Kazy.496105 20141117
Norman Simda.TLI 20141116
Panda Trj/CI.A 20141116
Qihoo-360 HEUR/QVM20.1.Malware.Gen 20141117
Rising PE:Trojan.Win32.Generic.17A2F1F8!396554744 20141116
Sophos AV Mal/Generic-S 20141117
Symantec WS.Reputation.1 20141117
TrendMicro-HouseCall TROJ_GEN.R028H01KE14 20141117
VIPRE Trojan.Win32.Generic!BT 20141117
AegisLab 20141117
Yandex 20141116
Antiy-AVL 20141117
Avast 20141117
Baidu-International 20141107
Bkav 20141115
ByteHero 20141117
CAT-QuickHeal 20141117
ClamAV 20141117
CMC 20141114
Comodo 20141117
Cyren 20141117
F-Prot 20141117
Jiangmin 20141116
K7AntiVirus 20141114
K7GW 20141115
Kingsoft 20141117
NANO-Antivirus 20141117
nProtect 20141114
SUPERAntiSpyware 20141116
Tencent 20141117
TheHacker 20141115
TotalDefense 20141116
TrendMicro 20141117
VBA32 20141114
ViRobot 20141117
Zillya 20141115
Zoner 20141112
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright(c) 2007 Corel Corporation
Publisher Corel Corporation
Product Corel Common Framework
Original name DIMIntl.dll
Internal name DIM
File version 7.5.0.375
Description DIM
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-11-13 17:02:53
Entry Point 0x00001230
Number of sections 4
PE sections
PE imports
RegOpenKeyExA
NotifyBootConfigStatus
RegQueryValueExA
FlattenPath
SelectObject
GetBkMode
AbortPath
AddFontResourceW
GdiFlush
DeleteEnhMetaFile
CreateCompatibleDC
AbortDoc
GetLastError
GetModuleHandleA
Sleep
GetVersion
VirtualAlloc
GetProcessHeap
EnableMenuItem
LoadCursorA
LoadIconA
GetMenu
IsDlgButtonChecked
GetSysColor
GetKeyboardType
_cexit
__p__fmode
_c_exit
_except_handler3
_exit
__p__commode
__initenv
_controlfp
exit
_XcptFilter
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__set_app_type
Number of PE resources by type
RT_ICON 2
RT_DIALOG 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 5
PE resources
ExifTool file metadata
LegalTrademarks Copyright(c) 2007 Corel Corporation
SubsystemVersion 5.0
LinkerVersion 8.0
ImageVersion 0.0
ProductName Corel Common Framework
FileVersionNumber 7.5.0.375
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Windows, Latin1
InitializedDataSize 292864
OriginalFilename DIMIntl.dll
LanguageBuildID 0
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 7.5.0.375
TimeStamp 2014:11:13 18:02:53+01:00
FileType Win32 EXE
PEType PE32
InternalName DIM
FileAccessDate 2014:11:17 07:17:46+01:00
ProductVersion 7.5.0.375
FileDescription DIM
MachineType Intel 386 or later, and compatibles
OSVersion 5.0
FileCreateDate 2014:11:17 07:17:46+01:00
FileOS Win32
LegalCopyright Copyright(c) 2007 Corel Corporation
Builton Fri 12/14/2007 16:45:14.17
CompanyName Corel Corporation
CodeSize 54272
FileSubtype 0
ProductVersionNumber 7.5.0.375
EntryPoint 0x1230
ObjectFileType Executable application

File identification
MD5 a008b27209e5f261e4f57d2b22844ead
SHA1 177de35bd62a2ae77e3d6de235c61cf90d007989
SHA256 f8512125a08ee13e779277a25a31d7074ba8dfbfdc8f418d0bc298bb1bc777c2
ssdeep 3072:KoG9TMPfaY7IMRpll1x/Nmeci9VJCTwxDrK5J6wsdKGE8tuB23:KowDafl/Nm/i9VJCTYDrwbsdTnuB2
authentihash efc9e2a3c03a77072788e95173181716ab11b9e95d0b99bdee3c9e6c12b9acc9
imphash 7120e200b2c7f3685d2abf7657000d19
File size 340.0 KB ( 348160 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags peexe
VirusTotal metadata
First submission 2014-11-17 06:15:18 UTC ( 4 years, 4 months ago )
Last submission 2014-11-17 06:15:18 UTC ( 4 years, 4 months ago )
File names DIM
DIMIntl.dll
a008b27209e5f261e4f57d2b22844ead
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Created processes
Created mutexes
Opened mutexes
Runtime DLLs
Additional details
The file sends control codes directly to certain device drivers making use of the DeviceIoControl Windows API function.