× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 68661e6ba340fe4554c99722f14e8349991ca4a3a1df78973790a9e31c0ca940
File name: libeay32
Detection ratio: 0 / 57
Analysis date: 2015-08-18 15:41:21 UTC ( 1 aasta, 11 kuud ago )
Antivirus Result Update
Ad-Aware 20150822
AegisLab 20150821
Yandex 20150821
AhnLab-V3 20150821
Alibaba 20150821
ALYac 20150822
Antiy-AVL 20150822
Arcabit 20150822
Avast 20150822
AVG 20150822
Avira (no cloud) 20150822
AVware 20150822
Baidu-International 20150821
BitDefender 20150822
Bkav 20150821
ByteHero 20150822
CAT-QuickHeal 20150821
ClamAV 20150822
CMC 20150819
Comodo 20150822
Cyren 20150822
DrWeb 20150822
Emsisoft 20150822
ESET-NOD32 20150821
F-Prot 20150822
F-Secure 20150821
Fortinet 20150822
GData 20150822
Ikarus 20150821
Jiangmin 20150820
K7AntiVirus 20150821
K7GW 20150821
Kaspersky 20150822
Kingsoft 20150822
Malwarebytes 20150821
McAfee 20150822
McAfee-GW-Edition 20150822
Microsoft 20150821
eScan 20150822
NANO-Antivirus 20150822
nProtect 20150821
Panda 20150821
Qihoo-360 20150822
Rising 20150821
Sophos AV 20150822
SUPERAntiSpyware 20150822
Symantec 20150821
Tencent 20150822
TheHacker 20150820
TotalDefense 20150822
TrendMicro 20150822
TrendMicro-HouseCall 20150822
VBA32 20150821
VIPRE 20150822
ViRobot 20150821
Zillya 20150820
Zoner 20150822
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows command line subsystem.
FileVersionInfo properties
Copyright
Copyright © 1998-2005 The OpenSSL Project. Copyright © 1995-1998 Eric A. Young, Tim J. Hudson. All rights reserved.

Publisher The OpenSSL Project, http://www.openssl.org/
Product The OpenSSL Toolkit
Original name libeay32.dll
Internal name libeay32
File version 1.0.1e
Description OpenSSL Shared Library
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-01-05 17:57:03
Entry Point 0x000AA02D
Number of sections 6
PE sections
PE imports
DeregisterEventSource
ReportEventA
RegisterEventSourceA
GetDeviceCaps
GetObjectA
DeleteDC
CreateDCA
SelectObject
DeleteObject
BitBlt
CreateCompatibleDC
GetBitmapBits
CreateCompatibleBitmap
GetStdHandle
FileTimeToSystemTime
GetFileAttributesA
GetDriveTypeA
HeapDestroy
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
FreeEnvironmentStringsW
SetStdHandle
WideCharToMultiByte
GetStringTypeA
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
GetFullPathNameA
FreeLibrary
InitializeCriticalSection
FindClose
TlsGetValue
SetLastError
ReadConsoleInputA
ExitProcess
GetVersionExA
GetModuleFileNameA
SetConsoleCtrlHandler
UnhandledExceptionFilter
MultiByteToWideChar
GetModuleHandleA
SetFileAttributesA
SetEnvironmentVariableA
TerminateProcess
VirtualQuery
SetEndOfFile
GetVersion
HeapFree
EnterCriticalSection
SetHandleCount
GetOEMCP
QueryPerformanceCounter
GetTickCount
TlsAlloc
VirtualProtect
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetStartupInfoA
GetCPInfo
GetProcAddress
CompareStringW
FindFirstFileA
CompareStringA
FindNextFileA
GlobalMemoryStatus
GetTimeZoneInformation
CreateFileW
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
LeaveCriticalSection
GetLastError
FlushConsoleInputBuffer
LCMapStringW
SetConsoleMode
GetSystemInfo
LCMapStringA
GetEnvironmentStringsW
FileTimeToLocalFileTime
GetEnvironmentStrings
GetCurrentProcessId
GetCurrentDirectoryA
HeapSize
GetCommandLineA
TlsFree
SetFilePointer
ReadFile
CloseHandle
GetACP
GetCurrentThreadId
HeapCreate
VirtualFree
VirtualAlloc
GetDesktopWindow
MessageBoxA
GetUserObjectInformationW
GetProcessWindowStation
htonl
accept
ioctlsocket
WSAStartup
connect
shutdown
htons
WSAGetLastError
getsockopt
closesocket
ntohl
send
ntohs
listen
WSACleanup
gethostbyname
WSASetLastError
recv
setsockopt
socket
bind
recvfrom
sendto
getservbyname
PE exports
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
7.1

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.0.1.5

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
430080

EntryPoint
0xaa02d

OriginalFileName
libeay32.dll

MIMEType
application/octet-stream

LegalCopyright
Copyright 1998-2005 The OpenSSL Project. Copyright 1995-1998 Eric A. Young, Tim J. Hudson. All rights reserved.

FileVersion
1.0.1e

TimeStamp
2014:01:05 18:57:03+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
libeay32

ProductVersion
1.0.1e

FileDescription
OpenSSL Shared Library

OSVersion
4.0

FileOS
Win32

Subsystem
Windows command line

MachineType
Intel 386 or later, and compatibles

CompanyName
The OpenSSL Project, http://www.openssl.org/

CodeSize
864256

ProductName
The OpenSSL Toolkit

ProductVersionNumber
1.0.1.5

FileTypeExtension
dll

ObjectFileType
Dynamic link library

Compressed bundles
File identification
MD5 86ebaddfb10833e51743ef8928bdaa26
SHA1 97a7b84c296d0c00a05ce741c2795544c107cdc3
SHA256 68661e6ba340fe4554c99722f14e8349991ca4a3a1df78973790a9e31c0ca940
ssdeep
24576:i946LiZMQIXpdVNBDxTmBnvPHK2poVbViJP:ivqsVNBDcfK2poJVUP

authentihash d243520ca6615da5e2d9415f46442e9c59ab79becc12462b4b7fdf088b6db26e
imphash acd3ac8c609b80f6812e3e89e9c3d8fe
File size 1.2 MB ( 1282048 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (console) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (52.5%)
Windows screen saver (22.0%)
Win32 Dynamic Link Library (generic) (11.0%)
Win32 Executable (generic) (7.5%)
Generic Win/DOS Executable (3.3%)
Tags
pedll

VirusTotal metadata
First submission 2015-07-28 15:34:44 UTC ( 1 aasta, 12 kuud ago )
Last submission 2015-07-28 15:34:44 UTC ( 1 aasta, 12 kuud ago )
File names libeay32.dll
libeay32
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!