× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: fffdd43f46f27d97f9c7d9c865deb711bc63ff9ae864cd1abd31ecb254d773fc
File name: ConvertToPDFShellExtension_x86.dll
Detection ratio: 0 / 57
Analysis date: 2015-10-14 02:47:02 UTC ( 3 years, 7 months ago )
Antivirus Result Update
Ad-Aware 20151018
AegisLab 20151018
Yandex 20151017
AhnLab-V3 20151018
Alibaba 20151016
ALYac 20151018
Antiy-AVL 20151018
Arcabit 20151018
Avast 20151018
AVG 20151018
Avira (no cloud) 20151018
AVware 20151018
Baidu-International 20151018
BitDefender 20151018
Bkav 20151017
ByteHero 20151018
CAT-QuickHeal 20151017
ClamAV 20151018
CMC 20151016
Comodo 20151018
Cyren 20151018
DrWeb 20151018
Emsisoft 20151018
ESET-NOD32 20151018
F-Prot 20151018
F-Secure 20151017
Fortinet 20151018
GData 20151018
Ikarus 20151018
Jiangmin 20151017
K7AntiVirus 20151018
K7GW 20151018
Kaspersky 20151018
Kingsoft 20151018
Malwarebytes 20151018
McAfee 20151018
McAfee-GW-Edition 20151018
Microsoft 20151018
eScan 20151018
NANO-Antivirus 20151018
nProtect 20151016
Panda 20151018
Qihoo-360 20151018
Rising 20151017
Sophos AV 20151018
SUPERAntiSpyware 20151018
Symantec 20151018
Tencent 20151018
TheHacker 20151017
TotalDefense 20151018
TrendMicro 20151018
TrendMicro-HouseCall 20151018
VBA32 20151016
VIPRE 20151018
ViRobot 20151018
Zillya 20151018
Zoner 20151018
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright (C) 2006-2012 Foxit Corporation

Publisher Foxit Corporation
Product ConvertToPDFShellExtension
Original name ConvertToPDFShellExtension.dll
Internal name ConvertToPDFShellExtension.dll
File version 1.0.0.525
Description ConvertToPDFShellExtension
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-05-28 03:56:22
Entry Point 0x0000C8B1
Number of sections 5
PE sections
Overlays
MD5 b16204dd30b5c28eec329035b1cf0805
File type data
Offset 181248
Size 5664
Entropy 7.31
PE imports
RegCreateKeyExW
RegDeleteValueW
RegCloseKey
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegOpenKeyExW
RegDeleteKeyW
RegQueryValueExW
SetThreadLocale
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
GetStdHandle
EnterCriticalSection
SetStdHandle
HeapCreate
GetModuleFileNameW
GetConsoleCP
FreeLibrary
QueryPerformanceCounter
HeapDestroy
GetTickCount
GetThreadLocale
TlsAlloc
GlobalUnlock
GetEnvironmentStringsW
FlushFileBuffers
lstrcmpiW
RtlUnwind
lstrlenW
IsProcessorFeaturePresent
GetCommandLineA
DeleteCriticalSection
GetCurrentProcess
GetStartupInfoW
SizeofResource
GetFileType
GetConsoleMode
DecodePointer
GetCurrentProcessId
LCMapStringW
SetHandleCount
UnhandledExceptionFilter
WideCharToMultiByte
ExitProcess
LoadLibraryExW
MultiByteToWideChar
HeapSize
FreeEnvironmentStringsW
GetModuleFileNameA
GlobalLock
EncodePointer
GetProcessHeap
lstrcpynW
RaiseException
GetCPInfo
GetProcAddress
TlsFree
SetFilePointer
ReadFile
SetUnhandledExceptionFilter
WriteFile
CloseHandle
GetSystemTimeAsFileTime
lstrcpynA
GetACP
HeapReAlloc
GetStringTypeW
GetModuleHandleW
GetOEMCP
IsDebuggerPresent
TerminateProcess
LoadLibraryW
TlsGetValue
IsValidCodePage
LoadResource
FindResourceW
CreateFileW
InterlockedDecrement
Sleep
SetLastError
SetEndOfFile
TlsSetValue
HeapAlloc
GetCurrentThreadId
InterlockedIncrement
WriteConsoleW
LeaveCriticalSection
VarUI4FromStr
SysStringLen
UnRegisterTypeLib
LoadRegTypeLib
RegisterTypeLib
SysAllocString
LoadTypeLib
SysFreeString
DragQueryFileW
ShellExecuteExW
GetDlgCtrlID
SetMenuItemBitmaps
LoadBitmapW
EnumChildWindows
LoadStringW
InsertMenuW
wsprintfW
CharNextW
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree
StringFromGUID2
PE exports
Number of PE resources by type
REGISTRY 2
RT_BITMAP 2
TYPELIB 1
RT_MANIFEST 1
RT_STRING 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 4
CHINESE SIMPLIFIED 3
RUSSIAN NEUTRAL 1
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

InitializedDataSize
62976

ImageVersion
0.0

ProductName
ConvertToPDFShellExtension

FileVersionNumber
1.0.0.525

LanguageCode
Unknown (0019)

FileFlagsMask
0x003f

FileDescription
ConvertToPDFShellExtension

CharacterSet
Windows, Cyrillic

LinkerVersion
10.0

FileTypeExtension
dll

OriginalFileName
ConvertToPDFShellExtension.dll

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
1.0.0.525

TimeStamp
2012:05:28 04:56:22+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
ConvertToPDFShellExtension.dll

ProductVersion
1.0.0.525

SubsystemVersion
5.1

OSVersion
5.1

FileOS
Win32

LegalCopyright
Copyright (C) 2006-2012 Foxit Corporation

MachineType
Intel 386 or later, and compatibles

CompanyName
Foxit Corporation

CodeSize
117248

FileSubtype
0

ProductVersionNumber
1.0.0.525

EntryPoint
0xc8b1

ObjectFileType
Dynamic link library

Compressed bundles
File identification
MD5 0e45f23c9117124cf04c8ed43039074a
SHA1 9cdc8ea165cf248363a4a604f76bc091a326ea6b
SHA256 fffdd43f46f27d97f9c7d9c865deb711bc63ff9ae864cd1abd31ecb254d773fc
ssdeep
3072:mzj+2VeWSkZAnvXLeadTm1hmT3+qkOf4ZX3vD5:AgCAv7NxOhmT3QOGb5

authentihash c17b29fc80b5dd7c17b2c07b055931718f8eb2cd8ebea948b53cab9fa605deae
imphash f54009abf07a77783fdcbb91f1b2d475
File size 182.5 KB ( 186912 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID DirectShow filter (55.3%)
Windows ActiveX control (31.9%)
Win32 Executable MS Visual C++ (generic) (8.5%)
Win32 Dynamic Link Library (generic) (1.8%)
Win32 Executable (generic) (1.2%)
Tags
pedll overlay

VirusTotal metadata
First submission 2015-09-22 23:29:55 UTC ( 3 years, 8 months ago )
Last submission 2015-09-22 23:29:55 UTC ( 3 years, 8 months ago )
File names ConvertToPDFShellExtension.dll
ConvertToPDFShellExtension_x86.dll
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!