× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 1ea267a2e6284f17dd548c6f2285e19f7edb15d6e737a55391140ce5cb95225e
File name: api-ms-win-core-file-l2-1-0.dll
Detection ratio: 0 / 67
Analysis date: 2019-05-19 12:29:13 UTC ( 1 hari, 23 jam ago )
Trusted source! This file belongs to the Microsoft Corporation software catalogue.
Antivirus Result Update
ALYac 20190519
APEX 20190518
AVG 20190519
Acronis 20190518
Ad-Aware 20190519
AegisLab 20190519
AhnLab-V3 20190519
Alibaba 20190513
Antiy-AVL 20190519
Arcabit 20190519
Avast 20190519
Avast-Mobile 20190519
Avira (no cloud) 20190519
Babable 20190424
Baidu 20190318
BitDefender 20190519
Bkav 20190518
CAT-QuickHeal 20190519
CMC 20190321
ClamAV 20190519
Comodo 20190519
CrowdStrike Falcon (ML) 20190212
Cylance 20190519
Cyren 20190519
DrWeb 20190519
ESET-NOD32 20190519
Emsisoft 20190519
Endgame 20190403
F-Prot 20190519
F-Secure 20190519
FireEye 20190519
Fortinet 20190519
GData 20190519
Ikarus 20190519
Sophos ML 20190313
Jiangmin 20190519
K7AntiVirus 20190519
K7GW 20190519
Kaspersky 20190519
Kingsoft 20190519
MAX 20190519
Malwarebytes 20190519
MaxSecure 20190518
McAfee 20190519
McAfee-GW-Edition 20190518
eScan 20190519
Microsoft 20190519
NANO-Antivirus 20190519
Palo Alto Networks (Known Signatures) 20190519
Panda 20190519
Qihoo-360 20190519
Rising 20190519
SUPERAntiSpyware 20190514
SentinelOne (Static ML) 20190511
Sophos AV 20190519
Symantec 20190518
TACHYON 20190519
Tencent 20190519
TheHacker 20190516
TotalDefense 20190519
Trapmine 20190325
Trustlook 20190519
VBA32 20190517
ViRobot 20190519
Webroot 20190519
Yandex 20190501
Zillya 20190517
ZoneAlarm by Check Point 20190519
Zoner 20190518
eGambit 20190519
Cybereason 20190417
Symantec Mobile Insight 20190516
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows command line subsystem that targets 64bit architectures.
Authenticode signature block and FileVersionInfo properties
Copyright
© Microsoft Corporation. All rights reserved.

Product Microsoft® Windows® Operating System
Original name apisetstub
Internal name apisetstub
File version 10.0.17134.12 (WinBuild.160101.0800)
Description ApiSet Stub DLL
Signature verification Signed file, verified signature
Signing date 2:37 PM 4/20/2018
Signers
[+] Microsoft Corporation
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer Microsoft Code Signing PCA
Valid from 08:11 PM 08/11/2017
Valid to 08:11 PM 08/11/2018
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint 5EAD300DC7E4D637948ECB0ED829A072BD152E17
Serial number 33 00 00 01 79 7C 2E 57 4E 52 E1 CA D6 00 01 00 00 01 79
[+] Microsoft Code Signing PCA
Status Valid
Issuer Microsoft Root Certificate Authority
Valid from 10:19 PM 08/31/2010
Valid to 10:29 PM 08/31/2020
Valid usage All
Algorithm sha1RSA
Thumbprint 3CAF9BA2DB5570CAF76942FF99101B993888E257
Serial number 61 33 26 1A 00 00 00 00 00 31
[+] Microsoft Root Certificate Authority
Status Valid
Issuer Microsoft Root Certificate Authority
Valid from 11:19 PM 05/09/2001
Valid to 11:28 PM 05/09/2021
Valid usage All
Algorithm sha1RSA
Thumbprint CDD4EEAE6000AC7F40C3802C171E30148030C072
Serial number 79 AD 16 A1 4A A0 A5 AD 4C 73 58 F4 07 13 2E 65
Counter signers
[+] Microsoft Time-Stamp Service
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer Microsoft Time-Stamp PCA
Valid from 05:58 PM 09/07/2016
Valid to 05:58 PM 09/07/2018
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint FC77E80560A486BC3FEAA91E0A720FBB3B3EE76D
Serial number 33 00 00 00 C2 A0 09 C5 37 76 E9 F6 CD 00 00 00 00 00 C2
[+] Microsoft Time-Stamp PCA
Status Valid
Issuer Microsoft Root Certificate Authority
Valid from 12:53 PM 04/03/2007
Valid to 01:03 PM 04/03/2021
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 375FCB825C3DC3752A02E34EB70993B4997191EF
Serial number 61 16 68 34 00 00 00 00 00 1C
[+] Microsoft Root Certificate Authority
Status Valid
Issuer Microsoft Root Certificate Authority
Valid from 11:19 PM 05/09/2001
Valid to 11:28 PM 05/09/2021
Valid usage All
Algorithm sha1RSA
Thumbrint CDD4EEAE6000AC7F40C3802C171E30148030C072
Serial number 79 AD 16 A1 4A A0 A5 AD 4C 73 58 F4 07 13 2E 65
PE header basic information
Target machine x64
Compilation timestamp 2003-02-10 00:11:32
Number of sections 2
PE sections
Overlays
MD5 4fa8457d8feb8774491b015ae00a6786
File type data
Offset 3072
Size 15624
Entropy 7.39
PE exports
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
14.12

ImageVersion
10.0

FileSubtype
0

FileVersionNumber
10.0.17134.12

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
ApiSet Stub DLL

ImageFileCharacteristics
Executable, Large address aware, DLL

CharacterSet
Unicode

InitializedDataSize
2048

EntryPoint
0x0000

OriginalFileName
apisetstub

MIMEType
application/octet-stream

LegalCopyright
Microsoft Corporation. All rights reserved.

FileVersion
10.0.17134.12 (WinBuild.160101.0800)

TimeStamp
2003:02:10 00:11:32+00:00

FileType
Win64 DLL

PEType
PE32+

InternalName
apisetstub

ProductVersion
10.0.17134.12

SubsystemVersion
10.0

OSVersion
10.0

FileOS
Windows NT 32-bit

Subsystem
Windows command line

MachineType
AMD AMD64

CompanyName
Microsoft Corporation

CodeSize
0

ProductName
Microsoft Windows Operating System

ProductVersionNumber
10.0.17134.12

Warning
Possibly corrupt Version resource

FileTypeExtension
dll

ObjectFileType
Dynamic link library

Execution parents
Compressed bundles
File identification
MD5 bfffa7117fd9b1622c66d949bac3f1d7
SHA1 402b7b8f8dcfd321b1d12fc85a1ee5137a5569b2
SHA256 1ea267a2e6284f17dd548c6f2285e19f7edb15d6e737a55391140ce5cb95225e
ssdeep
384:eVrW1hWbvm0GftpBjzH4m3S9gTlUK3dsl:eVuAViaB/6sl

authentihash f2f21469e57bf17bc0b75ff33e7a294f2699a567885b0eb72332640508047a27
File size 18.3 KB ( 18696 bytes )
File type Win32 DLL
Magic literal
PE32+ executable for MS Windows (DLL) (console)

TrID OS/2 Executable (generic) (33.6%)
Generic Win/DOS Executable (33.1%)
DOS Executable Generic (33.1%)
Tags
64bits pedll signed trusted overlay

Trusted verdicts
This file belongs to the Microsoft Corporation software catalogue. The file is often found with api-ms-win-core-file-l2-1-0.dll as its name.
VirusTotal metadata
First submission 2018-05-12 05:31:13 UTC ( 1 tahun ago )
Last submission 2019-05-19 12:29:13 UTC ( 1 hari, 23 jam ago )
File names api-ms-win-core-file-l2-1-0.dll
api-ms-win-core-file-l2-1-0.dll
api-ms-win-core-file-l2-1-0.dll
api-ms-win-core-file-l2-1-0.dll
api-ms-win-core-file-l2-1-0.dll
api-ms-win-core-file-l2-1-0.dll
api-ms-win-core-file-l2-1-0.dll
api-ms-win-core-file-l2-1-0.dll
api-ms-win-core-file-l2-1-0.dll
api-ms-win-core-file-l2-1-0.dll
api-ms-win-core-file-l2-1-0.dll
api-ms-win-core-file-l2-1-0.dll
api-ms-win-core-file-l2-1-0.dll
api-ms-win-core-file-l2-1-0.dll
1ea267a2e6284f17_api-ms-win-core-file-l2-1-0.dll
api-ms-win-core-file-l2-1-0.dll
api-ms-win-core-file-l2-1-0.dll
api-ms-win-core-file-l2-1-0.dll
api-ms-win-core-file-l2-1-0.dll
api-ms-win-core-file-l2-1-0.dll
api-ms-win-core-file-l2-1-0.dll
api-ms-win-core-file-l2-1-0.dll
api-ms-win-core-file-l2-1-0.dll
api-ms-win-core-file-l2-1-0.dll
api-ms-win-core-file-l2-1-0.dll
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!