× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: b3b6ee98aca14cf5bc9f3bc7897bc23934bf85fc4bc25b7506fe4cd9a767047a
File name: api-ms-win-crt-locale-l1-1-0.dll
Detection ratio: 0 / 70
Analysis date: 2019-05-19 12:29:02 UTC ( 4 hari, 13 jam ago )
Trusted source! This file belongs to the Microsoft Corporation software catalogue.
Antivirus Result Update
ALYac 20190519
APEX 20190518
AVG 20190519
Acronis 20190518
Ad-Aware 20190519
AegisLab 20190519
AhnLab-V3 20190519
Alibaba 20190513
Antiy-AVL 20190519
Arcabit 20190519
Avast 20190519
Avast-Mobile 20190519
Avira (no cloud) 20190519
Babable 20190424
Baidu 20190318
BitDefender 20190519
Bkav 20190518
CAT-QuickHeal 20190519
CMC 20190321
ClamAV 20190519
Comodo 20190519
CrowdStrike Falcon (ML) 20190212
Cylance 20190519
Cyren 20190519
DrWeb 20190519
ESET-NOD32 20190519
Emsisoft 20190519
Endgame 20190403
F-Prot 20190519
F-Secure 20190519
FireEye 20190519
Fortinet 20190519
GData 20190519
Ikarus 20190519
Sophos ML 20190313
Jiangmin 20190519
K7AntiVirus 20190519
K7GW 20190519
Kaspersky 20190519
Kingsoft 20190519
MAX 20190519
Malwarebytes 20190519
McAfee 20190519
McAfee-GW-Edition 20190518
eScan 20190519
Microsoft 20190519
NANO-Antivirus 20190519
Palo Alto Networks (Known Signatures) 20190519
Panda 20190519
Qihoo-360 20190519
Rising 20190519
SUPERAntiSpyware 20190514
SentinelOne (Static ML) 20190511
Sophos AV 20190519
Symantec 20190518
TACHYON 20190519
Tencent 20190519
TheHacker 20190516
TotalDefense 20190519
Trapmine 20190325
TrendMicro 20190519
TrendMicro-HouseCall 20190519
Trustlook 20190519
VBA32 20190517
ViRobot 20190519
Webroot 20190519
Zillya 20190517
ZoneAlarm by Check Point 20190519
Zoner 20190519
eGambit 20190519
Cybereason 20190417
Symantec Mobile Insight 20190516
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows command line subsystem that targets 64bit architectures.
Authenticode signature block and FileVersionInfo properties
Copyright
© Microsoft Corporation. All rights reserved.

Product Microsoft® Windows® Operating System
Original name apisetstub
Internal name apisetstub
File version 10.0.17134.12 (WinBuild.160101.0800)
Description ApiSet Stub DLL
Signature verification Signed file, verified signature
Signing date 4:37 PM 4/20/2018
Signers
[+] Microsoft Corporation
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer Microsoft Code Signing PCA
Valid from 08:11 PM 08/11/2017
Valid to 08:11 PM 08/11/2018
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint 5EAD300DC7E4D637948ECB0ED829A072BD152E17
Serial number 33 00 00 01 79 7C 2E 57 4E 52 E1 CA D6 00 01 00 00 01 79
[+] Microsoft Code Signing PCA
Status Valid
Issuer Microsoft Root Certificate Authority
Valid from 10:19 PM 08/31/2010
Valid to 10:29 PM 08/31/2020
Valid usage All
Algorithm sha1RSA
Thumbprint 3CAF9BA2DB5570CAF76942FF99101B993888E257
Serial number 61 33 26 1A 00 00 00 00 00 31
[+] Microsoft Root Certificate Authority
Status Valid
Issuer Microsoft Root Certificate Authority
Valid from 11:19 PM 05/09/2001
Valid to 11:28 PM 05/09/2021
Valid usage All
Algorithm sha1RSA
Thumbprint CDD4EEAE6000AC7F40C3802C171E30148030C072
Serial number 79 AD 16 A1 4A A0 A5 AD 4C 73 58 F4 07 13 2E 65
Counter signers
[+] Microsoft Time-Stamp Service
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer Microsoft Time-Stamp PCA
Valid from 05:58 PM 09/07/2016
Valid to 05:58 PM 09/07/2018
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 50504829B08E9E62054D803D54785F8F3B3D5568
Serial number 33 00 00 00 BB B6 77 24 71 4A 20 00 20 00 00 00 00 00 BB
[+] Microsoft Time-Stamp PCA
Status Valid
Issuer Microsoft Root Certificate Authority
Valid from 12:53 PM 04/03/2007
Valid to 01:03 PM 04/03/2021
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 375FCB825C3DC3752A02E34EB70993B4997191EF
Serial number 61 16 68 34 00 00 00 00 00 1C
[+] Microsoft Root Certificate Authority
Status Valid
Issuer Microsoft Root Certificate Authority
Valid from 11:19 PM 05/09/2001
Valid to 11:28 PM 05/09/2021
Valid usage All
Algorithm sha1RSA
Thumbrint CDD4EEAE6000AC7F40C3802C171E30148030C072
Serial number 79 AD 16 A1 4A A0 A5 AD 4C 73 58 F4 07 13 2E 65
PE header basic information
Target machine x64
Compilation timestamp 2044-04-10 01:28:44
Number of sections 2
PE sections
Overlays
MD5 7bd1a4c759a18e12987dfb87f71a15bc
File type data
Offset 3584
Size 15624
Entropy 7.39
PE exports
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
10.0

InitializedDataSize
2560

ImageVersion
10.0

ProductName
Microsoft Windows Operating System

FileVersionNumber
10.0.17134.12

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

ImageFileCharacteristics
Executable, Large address aware, DLL

CharacterSet
Unicode

LinkerVersion
14.12

FileTypeExtension
dll

OriginalFileName
apisetstub

MIMEType
application/octet-stream

Subsystem
Windows command line

FileVersion
10.0.17134.12 (WinBuild.160101.0800)

TimeStamp
2044:04:10 03:28:44+02:00

FileType
Win64 DLL

PEType
PE32+

InternalName
apisetstub

ProductVersion
10.0.17134.12

FileDescription
ApiSet Stub DLL

OSVersion
10.0

FileOS
Windows NT 32-bit

LegalCopyright
Microsoft Corporation. All rights reserved.

MachineType
AMD AMD64

CompanyName
Microsoft Corporation

CodeSize
0

FileSubtype
0

ProductVersionNumber
10.0.17134.12

Warning
Possibly corrupt Version resource

EntryPoint
0x0000

ObjectFileType
Dynamic link library

Execution parents
Compressed bundles
File identification
MD5 ab206f2943977256ca3a59e5961e3a4f
SHA1 9c1df49a8dbdc8496ac6057f886f5c17b2c39e3e
SHA256 b3b6ee98aca14cf5bc9f3bc7897bc23934bf85fc4bc25b7506fe4cd9a767047a
ssdeep
192:eW1hWmL+49Cjdks/nGfe4pBjSbRIdnV7IGW5RKTt3E2sVWQ4OWVZsqnajkZtTT2N:eW1hWJ4wm0GftpBjpnVMLm3SDlmToDr

authentihash 4143820e83d634b82ea57367ad243d0daa97833d66d626717469f244e0b42336
File size 18.8 KB ( 19208 bytes )
File type Win32 DLL
Magic literal
PE32+ executable for MS Windows (DLL) (console)

TrID OS/2 Executable (generic) (33.6%)
Generic Win/DOS Executable (33.1%)
DOS Executable Generic (33.1%)
Tags
64bits pedll signed trusted overlay

Trusted verdicts
This file belongs to the Microsoft Corporation software catalogue. The file is often found with api-ms-win-crt-locale-l1-1-0.dll as its name.
VirusTotal metadata
First submission 2018-05-12 05:31:47 UTC ( 1 tahun ago )
Last submission 2019-05-19 12:29:02 UTC ( 4 hari, 13 jam ago )
File names api-ms-win-crt-locale-l1-1-0.dll
api-ms-win-crt-locale-l1-1-0.dll
api-ms-win-crt-locale-l1-1-0.dll
api-ms-win-crt-locale-l1-1-0.dll
api-ms-win-crt-locale-l1-1-0.dll
api-ms-win-crt-locale-l1-1-0.dll
api-ms-win-crt-locale-l1-1-0.dll
api-ms-win-crt-locale-l1-1-0.dll
api-ms-win-crt-locale-l1-1-0.dll
api-ms-win-crt-locale-l1-1-0.dll
api-ms-win-crt-locale-l1-1-0.dll
api-ms-win-crt-locale-l1-1-0.dll
api-ms-win-crt-locale-l1-1-0.dll
api-ms-win-crt-locale-l1-1-0.dll
api-ms-win-crt-locale-l1-1-0.dll
api-ms-win-crt-locale-l1-1-0.dll
api-ms-win-crt-locale-l1-1-0.dll
api-ms-win-crt-locale-l1-1-0.dll
api-ms-win-crt-locale-l1-1-0.dll
api-ms-win-crt-locale-l1-1-0.dll
api-ms-win-crt-locale-l1-1-0.dll
apicdfc.tmp
api-ms-win-crt-locale-l1-1-0.dll
api-ms-win-crt-locale-l1-1-0.dll
api-ms-win-crt-locale-l1-1-0.dll
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!