SHA256: f99ef76bfce0fbcdce1da10b6798cec99a51f141b85eca0ec8ab13a06f7e4935
File name: f99ef76bfce0fbcdce1da10b6798cec99a51f141b85eca0ec8ab13a06f7e4935
Detection ratio: 29 / 61
Analysis date: 2017-03-15 08:51:45 UTC (2 years ago)
Antivirus Result Update
Ad-Aware Trojan.GenericKD.4591970 20170315
AegisLab Ml.Attribute.Gen!c 20170315
Arcabit Trojan.Generic.D461162 20170315
Avira (no cloud) TR/Pennelas.pwric 20170315
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9998 20170315
BitDefender Trojan.GenericKD.4591970 20170315
CAT-QuickHeal (Suspicious) - DNAScan 20170314
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20170130
Emsisoft Trojan.GenericKD.4591970 (B) 20170315
Endgame malicious (high confidence) 20170222
ESET-NOD32 Win32/Dridex.AY 20170315
F-Secure Trojan.GenericKD.4591970 20170315
Fortinet W32/Dridex.AY!tr 20170315
GData Win32.Trojan.Agent.HBE9IG 20170315
Ikarus Win32.Outbreak 20170314
Sophos ML backdoor.win32.drixed.m 20170203
Kaspersky Backdoor.Win32.Dridex.cw 20170315
Malwarebytes Trojan.Dridex 20170315
McAfee Artemis!471A52EF93E9 20170315
McAfee-GW-Edition BehavesLike.Win32.Virut.ch 20170315
eScan Trojan.GenericKD.4591970 20170315
nProtect Backdoor/W32.Dridex.170916 20170315
Palo Alto Networks (Known Signatures) generic.ml 20170315
Qihoo-360 Win32/Trojan.54b 20170315
Rising Malware.Generic.2!tfe (thunder:2:UVGCd5hVtAJ) 20170315
Sophos AV Troj/Agent-AVQZ 20170315
Symantec Trojan.Cridex 20170314
Webroot W32.Trojan.Gen 20170315
ZoneAlarm by Check Point Backdoor.Win32.Dridex.cw 20170315
AhnLab-V3 20170314
Alibaba 20170228
ALYac 20170315
Antiy-AVL 20170315
Avast 20170315
AVG 20170315
AVware 20170315
Bkav 20170314
ClamAV 20170315
CMC 20170315
Comodo 20170315
Cyren 20170315
DrWeb 20170315
F-Prot 20170315
Jiangmin 20170315
K7AntiVirus 20170315
K7GW 20170315
Kingsoft 20170315
Microsoft 20170315
NANO-Antivirus 20170315
Panda 20170314
SUPERAntiSpyware 20170315
Tencent 20170315
TheHacker 20170315
TotalDefense 20170315
TrendMicro 20170315
TrendMicro-HouseCall 20170315
Trustlook 20170315
VBA32 20170314
VIPRE 20170315
ViRobot 20170315
WhiteArmor 20170303
Yandex 20170312
Zillya 20170314
Zoner 20170315
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
FileVersionInfo properties
Copyright © Microsoft Corporation. All rights reserved.
Product Microsoft® Windows® Operating System
Original name c_iscii.dll
Internal name c_iscii
File version 6.3.9600.17415 (winblue_r4.141028-1500)
Description ISCII Code Page Translation DLL
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-03-14 09:03:46
Entry Point 0x0000DBB0
Number of sections 20
PE sections
PE imports
GetComputerNameExA
GetComputerNameW
GetVolumePathNameW
CopyFileW
GetTapeParameters
SetEnvironmentVariableW
CreateDirectoryExW
GetPrivateProfileIntA
SetProcessPriorityBoost
WaitNamedPipeA
SetCommMask
SearchPathW
FreeConsole
GetCommandLineA
GetProcAddress
SetConsoleScreenBufferSize
GetModuleHandleW
LPSAFEARRAY_UserSize
DragQueryFileW
StrStrIA
fgetc
free
PdhCollectQueryDataEx
PdhMakeCounterPathW
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
4.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
6.3.9600.17415

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
129536

EntryPoint
0xdbb0

OriginalFileName
c_iscii.dll

MIMEType
application/octet-stream

LegalCopyright
Microsoft Corporation. All rights reserved.

FileVersion
6.3.9600.17415 (winblue_r4.141028-1500)

TimeStamp
2017:03:14 10:03:46+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
c_iscii

ProductVersion
6.3.9600.17415

FileDescription
ISCII Code Page Translation DLL

OSVersion
4.0

FileOS
Windows NT 32-bit

Subsystem
Windows command line

MachineType
Intel 386 or later, and compatibles

CompanyName
Microsoft Corporation

CodeSize
55808

ProductName
Microsoft Windows Operating System

ProductVersionNumber
6.3.9600.17415

FileTypeExtension
exe

ObjectFileType
Dynamic link library

File identification
MD5 471a52ef93e9e32351948e32939d98d5
SHA1 1d6c5cd10dd6552ab9e6c02f56c2244a0337d452
SHA256 f99ef76bfce0fbcdce1da10b6798cec99a51f141b85eca0ec8ab13a06f7e4935
ssdeep 3072:OFOSBGwnSz6ft/rza/T8XU5vxaSNt/EpChmXNTlp79JCytHcrVezxG2r07VCL22k:MOSu6fRruwU5/N1jS97+mr/RJgr
authentihash 50bb915d034b51cf9cb244bb0775c94a6d17416e45e4a5060b350e74c1a8d22b
imphash 2678d3caf0811671e223585c6bd275ee
File size 166.9 KB ( 170916 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (console) Intel 80386 32-bit
TrID Win32 Executable (generic) (42.6%)
Clipper DOS Executable (19.1%)
Generic Win/DOS Executable (18.9%)
DOS Executable Generic (18.9%)
VXD Driver (0.2%)
Tags peexe
VirusTotal metadata
First submission 2017-03-14 10:22:01 UTC ( 2 years ago )
Last submission 2017-08-17 10:44:30 UTC ( 1 year, 7 months ago )
File names music[1].mp3c
c_iscii.dll
c_iscii
music.mp3c