SHA256: 19e15a4288e109405f0181d921d3645e4622c87c4050004357355b7a9bf862cc
File name: mimi.dll
Detection ratio: 9 / 65
Analysis date: 2017-09-21 15:42:10 UTC ( 1 month ago )
Antivirus Result Update
Antiy-AVL Trojan[PSW]/Win32.Mimikatz 20170921
Avast Win32:Malware-gen 20170921
AVG Win32:Malware-gen 20170921
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20170804
DrWeb Tool.Mimikatz.159 20170921
ESET-NOD32 a variant of Win32/RiskWare.Mimikatz.H 20170921
Jiangmin Trojan.PSW.Mimikatz.iz 20170921
K7AntiVirus Riskware ( 004dc65a1 ) 20170921
K7GW Riskware ( 004dc65a1 ) 20170921
Ad-Aware 20170921
AegisLab 20170921
AhnLab-V3 20170921
Alibaba 20170911
ALYac 20170921
Arcabit 20170921
Avast-Mobile 20170921
Avira (no cloud) 20170921
AVware 20170921
Baidu 20170921
BitDefender 20170921
CAT-QuickHeal 20170921
ClamAV 20170921
CMC 20170920
Comodo 20170921
Cylance 20170921
Cyren 20170921
Emsisoft 20170921
Endgame 20170821
F-Prot 20170921
F-Secure 20170921
Fortinet 20170921
GData 20170921
Ikarus 20170921
Sophos ML 20170914
Kaspersky 20170921
Kingsoft 20170921
Malwarebytes 20170921
MAX 20170921
McAfee 20170921
McAfee-GW-Edition 20170921
Microsoft 20170921
eScan 20170921
NANO-Antivirus 20170921
nProtect 20170921
Palo Alto Networks (Known Signatures) 20170921
Panda 20170921
Qihoo-360 20170921
Rising 20170921
SentinelOne (Static ML) 20170806
Sophos AV 20170921
SUPERAntiSpyware 20170921
Symantec 20170921
Symantec Mobile Insight 20170921
Tencent 20170921
TheHacker 20170921
TotalDefense 20170921
TrendMicro 20170921
TrendMicro-HouseCall 20170921
Trustlook 20170921
VBA32 20170921
VIPRE 20170921
ViRobot 20170921
Webroot 20170921
WhiteArmor 20170829
Yandex 20170908
Zillya 20170921
ZoneAlarm by Check Point 20170921
Zoner 20170921
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows command line subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-11-10 23:30:56
Entry Point 0x000532D2
Number of sections 6
PE sections
Overlays
MD5 6ed7b17caa9a3bcb1f5385a10b61162c
File type data
Offset 468992
Size 75035
Entropy 5.11
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows command line
MachineType Intel 386 or later, and compatibles
FileTypeExtension dll
TimeStamp 2016:11:11 00:30:56+01:00
FileType Win32 DLL
PEType PE32
CodeSize 467968
LinkerVersion 14.0
Warning Error processing PE data dictionary
EntryPoint 0x532d2
InitializedDataSize 244224
SubsystemVersion 5.1
ImageVersion 0.0
OSVersion 5.1
UninitializedDataSize 0

File identification
MD5 8365158c74008879df00a9d49e61aaea
SHA1 686761aff5e4efedbc5b2931c0f214d8ba7b9463
SHA256 19e15a4288e109405f0181d921d3645e4622c87c4050004357355b7a9bf862cc
ssdeep 12288:UlRNN7h84tUu3JW1j485zyUIKj8CQnH1y912W9fLhu2OK4Q:G/7n+iWS8hyUk10lLs2Oy
authentihash 736fbac10a27c8b486cc2320d984eaf6210119977959a7ae128a184b494726dd
File size 531.3 KB ( 544027 bytes )
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (console) Intel 80386 32-bit
TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.5%)
Tags corrupt pedll overlay

VirusTotal metadata
First submission 2017-09-21 15:42:10 UTC ( 1 month ago )
Last submission 2017-10-02 08:47:18 UTC ( 2 weeks, 5 days ago )
File names mimi.dll