× Les cookies sont désactivés ! Ce site exige que les cookies soient activés pour fonctionner correctement
SHA256: 0818dc32b52d2a6b6a629ccbd75c0ba91f2db70bc27cc981eecd7b2b032e3303
Nom du fichier : 1768625.exe
Ratio de détection : 3 / 45
Date d'analyse : 2013-02-20 08:37:05 UTC (il y a 6 ans, 3 mois) Voir les derniers
Antivirus Résultat Mise à jour
Fortinet W32/Kryptik.ALRY!tr 20130220
Kaspersky HEUR:Trojan.Win32.Generic 20130220
Rising Suspicious 20130205
Yandex 20130219
AntiVir 20130220
Antiy-AVL 20130219
Avast 20130220
AVG 20130220
BitDefender 20130220
ByteHero 20130218
CAT-QuickHeal 20130220
ClamAV 20130220
Commtouch 20130220
Comodo 20130220
DrWeb 20130220
Emsisoft 20130220
eSafe 20130211
ESET-NOD32 20130220
F-Prot 20130220
F-Secure 20130220
GData 20130220
Ikarus 20130220
Jiangmin 20130220
K7AntiVirus 20130219
Kingsoft 20130204
Malwarebytes 20130219
McAfee 20130220
McAfee-GW-Edition 20130220
Microsoft 20130220
eScan 20130220
NANO-Antivirus 20130220
Norman 20130219
nProtect 20130219
Panda 20130219
PCTools 20130219
Sophos AV 20130220
SUPERAntiSpyware 20130220
Symantec 20130220
TheHacker 20130219
TotalDefense 20130219
TrendMicro 20130220
TrendMicro-HouseCall 20130220
VBA32 20130219
VIPRE 20130220
ViRobot 20130220
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
© Корпорация Майкрософт. Все права защищены.

Product Операционная система Microsoft® Windows®
Original name RCBDYCTL.DLL
Internal name RCBDYCTL.DLL
File version 5.1.2600.5512 (xpsp.080413-2108)
Description Удаленный помощник (Microsoft)
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2006-05-14 09:23:07
Entry Point 0x00002616
Number of sections 5
PE sections
PE imports
FreeLibrary
FileTimeToSystemTime
GetCurrentProcess
SetUnhandledExceptionFilter
GetCurrentProcessId
GetModuleHandleA
GetLastError
lstrlenW
InterlockedExchange
QueryPerformanceCounter
GetDateFormatW
FormatMessageW
Sleep
CloseHandle
GetSystemTimeAsFileTime
GetTickCount
GetCurrentThreadId
InterlockedCompareExchange
GetProcAddress
WindowFromPoint
PE exports
Number of PE resources by type
REGISTRY 5
RT_STRING 4
TYPELIB 1
RT_DIALOG 1
RT_VERSION 1
Number of PE resources by language
RUSSIAN 12
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
7.1

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
5.1.2600.5512

UninitializedDataSize
0

LanguageCode
Russian

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
360448

EntryPoint
0x2616

OriginalFileName
RCBDYCTL.DLL

MIMEType
application/octet-stream

LegalCopyright
. .

FileVersion
5.1.2600.5512 (xpsp.080413-2108)

TimeStamp
2006:05:14 10:23:07+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
RCBDYCTL.DLL

ProductVersion
5.1.2600.5512

FileDescription
(Microsoft)

OSVersion
4.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Microsoft Corporation

CodeSize
77824

ProductName
Microsoft Windows

ProductVersionNumber
5.1.2600.5512

Warning
Possibly corrupt Version resource

FileTypeExtension
dll

ObjectFileType
Executable application

File identification
MD5 38e3c3034590d5843f5594f2b2cffb69
SHA1 cd913f83d83e56034ef02be1a7f60a884f552a9c
SHA256 0818dc32b52d2a6b6a629ccbd75c0ba91f2db70bc27cc981eecd7b2b032e3303
ssdeep
1536:AOfzHrU8ufNGX3uqbmcKreL5lZMlUvUMn/dtGca/TOiSc1Uvl7KhWAtJzy:AOfzHrU8ulUVKfahMlHMn1aLIjpwfzy

authentihash edf7e6c4e8fc847fc1a0240f13659a4b36e393b0c94ee635a62e675cc8262322
imphash d9a58d59fa7fb24cae7baedf4ea6934e
File size 112.0 KB ( 114688 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Tags
pedll

VirusTotal metadata
First submission 2013-02-20 08:10:38 UTC (il y a 6 ans, 3 mois)
Last submission 2017-12-06 17:05:50 UTC (il y a 1 an, 5 mois)
Noms du fichier 38e3c3034590d5843f5594f2b2cffb69
1768625.exe
38e3c3034590d5843f5594f2b2cffb69
RCBDYCTL.DLL
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
Aucun commentaire. Aucun membre de la communauté VirusTotal n'a encore commenté cet élément, soyez le premier à le faire !

Laissez votre commentaire...

?
Poster un commentaire

Vous n'êtes pas connecté. Seuls les utilisateurs enregistrés peuvent laisser des commentaires, connectez-vous pour commenter !

Aucun vote. Personne n'a encore voté pour cet élément, soyez le premier à le faire !