× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: a1221836731c7e52c42d5809cc02b17c5ec964601631ec15a84201f423da4ac4
File name: api-ms-win-core-processthreads-l1-1-0.dll
Detection ratio: 0 / 70
Analysis date: 2019-05-21 19:02:12 UTC ( 3 jam, 33 menit ago )
Trusted source! This file belongs to the Microsoft Corporation software catalogue.
Antivirus Result Update
ALYac 20190521
APEX 20190520
AVG 20190521
Acronis 20190521
Ad-Aware 20190521
AegisLab 20190521
AhnLab-V3 20190521
Alibaba 20190513
Antiy-AVL 20190521
Arcabit 20190521
Avast 20190521
Avast-Mobile 20190521
Avira (no cloud) 20190521
Babable 20190424
Baidu 20190318
BitDefender 20190521
Bkav 20190521
CAT-QuickHeal 20190521
CMC 20190321
ClamAV 20190521
Comodo 20190521
CrowdStrike Falcon (ML) 20190212
Cylance 20190521
Cyren 20190521
DrWeb 20190521
ESET-NOD32 20190521
Emsisoft 20190521
Endgame 20190521
F-Prot 20190521
F-Secure 20190521
FireEye 20190521
Fortinet 20190521
GData 20190521
Ikarus 20190521
Sophos ML 20190313
Jiangmin 20190521
K7AntiVirus 20190521
K7GW 20190521
Kaspersky 20190521
Kingsoft 20190521
MAX 20190521
Malwarebytes 20190521
McAfee 20190521
McAfee-GW-Edition 20190521
eScan 20190521
Microsoft 20190521
NANO-Antivirus 20190521
Palo Alto Networks (Known Signatures) 20190521
Panda 20190521
Qihoo-360 20190521
Rising 20190521
SUPERAntiSpyware 20190521
SentinelOne (Static ML) 20190511
Sophos AV 20190521
Symantec 20190521
TACHYON 20190521
Tencent 20190521
TheHacker 20190521
TotalDefense 20190521
Trapmine 20190325
TrendMicro 20190521
TrendMicro-HouseCall 20190521
Trustlook 20190521
VBA32 20190521
ViRobot 20190521
Webroot 20190521
Zillya 20190520
ZoneAlarm by Check Point 20190521
Zoner 20190521
eGambit 20190521
Cybereason 20190417
Symantec Mobile Insight 20190516
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows command line subsystem that targets 64bit architectures.
Authenticode signature block and FileVersionInfo properties
Copyright
© Microsoft Corporation. All rights reserved.

Product Microsoft® Windows® Operating System
Original name apisetstub
Internal name apisetstub
File version 10.0.17134.12 (WinBuild.160101.0800)
Description ApiSet Stub DLL
Signature verification Signed file, verified signature
Signing date 4:37 PM 4/20/2018
Signers
[+] Microsoft Corporation
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer Microsoft Code Signing PCA
Valid from 08:11 PM 08/11/2017
Valid to 08:11 PM 08/11/2018
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint 5EAD300DC7E4D637948ECB0ED829A072BD152E17
Serial number 33 00 00 01 79 7C 2E 57 4E 52 E1 CA D6 00 01 00 00 01 79
[+] Microsoft Code Signing PCA
Status Valid
Issuer Microsoft Root Certificate Authority
Valid from 10:19 PM 08/31/2010
Valid to 10:29 PM 08/31/2020
Valid usage All
Algorithm sha1RSA
Thumbprint 3CAF9BA2DB5570CAF76942FF99101B993888E257
Serial number 61 33 26 1A 00 00 00 00 00 31
[+] Microsoft Root Certificate Authority
Status Valid
Issuer Microsoft Root Certificate Authority
Valid from 11:19 PM 05/09/2001
Valid to 11:28 PM 05/09/2021
Valid usage All
Algorithm sha1RSA
Thumbprint CDD4EEAE6000AC7F40C3802C171E30148030C072
Serial number 79 AD 16 A1 4A A0 A5 AD 4C 73 58 F4 07 13 2E 65
Counter signers
[+] Microsoft Time-Stamp Service
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer Microsoft Time-Stamp PCA
Valid from 05:58 PM 09/07/2016
Valid to 05:58 PM 09/07/2018
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 9D2361FA5394ACB4D0C59A07D23DFFFB50E37484
Serial number 33 00 00 00 C1 09 F8 02 41 BB 4D AA DC 00 00 00 00 00 C1
[+] Microsoft Time-Stamp PCA
Status Valid
Issuer Microsoft Root Certificate Authority
Valid from 12:53 PM 04/03/2007
Valid to 01:03 PM 04/03/2021
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 375FCB825C3DC3752A02E34EB70993B4997191EF
Serial number 61 16 68 34 00 00 00 00 00 1C
[+] Microsoft Root Certificate Authority
Status Valid
Issuer Microsoft Root Certificate Authority
Valid from 11:19 PM 05/09/2001
Valid to 11:28 PM 05/09/2021
Valid usage All
Algorithm sha1RSA
Thumbrint CDD4EEAE6000AC7F40C3802C171E30148030C072
Serial number 79 AD 16 A1 4A A0 A5 AD 4C 73 58 F4 07 13 2E 65
PE header basic information
Target machine x64
Compilation timestamp 2022-08-27 04:11:25
Number of sections 2
PE sections
Overlays
MD5 76efce124f4def2a2475db536466fba1
File type data
Offset 5120
Size 15624
Entropy 7.39
PE exports
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
14.12

ImageVersion
10.0

FileSubtype
0

FileVersionNumber
10.0.17134.12

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
ApiSet Stub DLL

ImageFileCharacteristics
Executable, Large address aware, DLL

CharacterSet
Unicode

InitializedDataSize
4096

EntryPoint
0x0000

OriginalFileName
apisetstub

MIMEType
application/octet-stream

LegalCopyright
Microsoft Corporation. All rights reserved.

FileVersion
10.0.17134.12 (WinBuild.160101.0800)

TimeStamp
2022:08:27 06:11:25+02:00

FileType
Win64 DLL

PEType
PE32+

InternalName
apisetstub

ProductVersion
10.0.17134.12

SubsystemVersion
10.0

OSVersion
10.0

FileOS
Windows NT 32-bit

Subsystem
Windows command line

MachineType
AMD AMD64

CompanyName
Microsoft Corporation

CodeSize
0

ProductName
Microsoft Windows Operating System

ProductVersionNumber
10.0.17134.12

Warning
Possibly corrupt Version resource

FileTypeExtension
dll

ObjectFileType
Dynamic link library

Execution parents
Compressed bundles
File identification
MD5 5faf9a33bab1d39dd9f820d34339b3d4
SHA1 50699041060d14576ed7bacbd44be9af80eb902a
SHA256 a1221836731c7e52c42d5809cc02b17c5ec964601631ec15a84201f423da4ac4
ssdeep
384:gWXk1JzNcKSIXW1hWEXRm0GftpBj1U6m3SddlmTod4V:gbcKSbxViZx8

authentihash f76bc0e5625824fe18d8c1c5d3bf27ebb851e36aee6fb7f492e69c40857ccbdc
File size 20.3 KB ( 20744 bytes )
File type Win32 DLL
Magic literal
PE32+ executable for MS Windows (DLL) (console)

TrID Win64 Executable (generic) (82.0%)
OS/2 Executable (generic) (6.0%)
Generic Win/DOS Executable (5.9%)
DOS Executable Generic (5.9%)
Tags
64bits pedll signed trusted overlay

Trusted verdicts
This file belongs to the Microsoft Corporation software catalogue. The file is often found with api-ms-win-core-processthreads-l1-1-0.dll as its name.
VirusTotal metadata
First submission 2018-05-12 05:31:27 UTC ( 1 tahun ago )
Last submission 2019-05-21 19:02:12 UTC ( 3 jam, 33 menit ago )
File names api-ms-win-core-processthreads-l1-1-0.dll
api-ms-win-core-processthreads-l1-1-0.dll
api-ms-win-core-processthreads-l1-1-0.dll
api-ms-win-core-processthreads-l1-1-0.dll
api-ms-win-core-processthreads-l1-1-0.dll
api-ms-win-core-processthreads-l1-1-0.dll
api-ms-win-core-processthreads-l1-1-0.dll
api-ms-win-core-processthreads-l1-1-0.dll
api-ms-win-core-processthreads-l1-1-0.dll
api-ms-win-core-processthreads-l1-1-0.dll
api-ms-win-core-processthreads-l1-1-0.dll
api-ms-win-core-processthreads-l1-1-0.dll
api-ms-win-core-processthreads-l1-1-0.dll
api-ms-win-core-processthreads-l1-1-0.dll
api-ms-win-core-processthreads-l1-1-0.dll
api-ms-win-core-processthreads-l1-1-0.dll
api-ms-win-core-processthreads-l1-1-0.dll
api-ms-win-core-processthreads-l1-1-0.dll
api-ms-win-core-processthreads-l1-1-0.dll
a1221836731c7e52_api-ms-win-core-processthreads-l1-1-0.dll
a1221836731c7e52c42d5809cc02b17c5ec964601631ec15a84201f423da4ac4.bin
api-ms-win-core-processthreads-l1-1-0.dll
api-ms-win-core-processthreads-l1-1-0.dll
api-ms-win-core-processthreads-l1-1-0.dll
api-ms-win-core-processthreads-l1-1-0.dll
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!