SHA256: 07b2fd450c20d56a84962a0cd71ccc8aaeff13919d6b6f36b49681ec4bece70b
File name: password.dll
Detection ratio: 16 / 66
Analysis date: 2017-11-06 12:34:54 UTC (7 months, 2 weeks ago)
Antivirus Result Update
AegisLab Troj.Spnr.Gen!c 20171106
Antiy-AVL Trojan[Backdoor]/Win32.Hupigon 20171103
Avast Win32:PUP-gen [PUP] 20171106
AVG Win32:PUP-gen [PUP] 20171106
Cylance Unsafe 20171106
Fortinet W32/BDoor.AWQ!tr.bdr 20171106
Jiangmin Backdoor/Hupigon.byzg 20171106
McAfee Artemis!ADC5F6A521F8 20171031
McAfee-GW-Edition Artemis!Trojan 20171106
Panda Generic Malware 20171105
Symantec Backdoor.Trojan 20171106
TrendMicro TROJ_SPNR.38JE13 20171106
TrendMicro-HouseCall TROJ_SPNR.38JE13 20171106
ViRobot Backdoor.Win32.A.Hupigon.34816.F 20171106
Webroot W32.Malware.Gen 20171106
Zillya Backdoor.Hupigon.Win32.138107 20171104
Ad-Aware 20171106
AhnLab-V3 20171106
Alibaba 20170911
ALYac 20171106
Arcabit 20171106
Avast-Mobile 20171106
Avira (no cloud) 20171106
AVware 20171106
Baidu 20171103
BitDefender 20171106
Bkav 20171106
CAT-QuickHeal 20171106
ClamAV 20171106
CMC 20171104
Comodo 20171106
CrowdStrike Falcon (ML) 20171016
Cybereason None
Cyren 20171106
DrWeb 20171106
eGambit 20171106
Emsisoft 20171106
Endgame 20171024
ESET-NOD32 20171106
F-Prot 20171106
F-Secure 20171106
GData 20171106
Ikarus 20171106
Sophos ML 20170914
K7AntiVirus 20171106
K7GW 20171106
Kaspersky 20171106
Kingsoft 20171106
Malwarebytes 20171106
MAX 20171106
Microsoft 20171106
eScan 20171106
NANO-Antivirus 20171106
nProtect 20171106
Palo Alto Networks (Known Signatures) 20171106
Qihoo-360 20171106
Rising 20171106
SentinelOne (Static ML) 20171019
Sophos AV 20171106
SUPERAntiSpyware 20171106
Symantec Mobile Insight 20171103
Tencent 20171106
TheHacker 20171102
Trustlook 20171106
VBA32 20171104
VIPRE 20171106
WhiteArmor 20171104
Yandex 20171102
ZoneAlarm by Check Point 20171106
Zoner 20171106
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows command line subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-02-12 12:45:43
Entry Point 0x000016E0
Number of sections 5
PE sections
PE imports
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
GetStdHandle
EnterCriticalSection
WriteProcessMemory
SetHandleCount
LoadLibraryW
HeapDestroy
QueryPerformanceCounter
IsDebuggerPresent
EncodePointer
TlsAlloc
GetEnvironmentStringsW
GetModuleFileNameA
RtlUnwind
IsProcessorFeaturePresent
HeapAlloc
DeleteCriticalSection
GetCurrentProcess
GetStringTypeW
GetCurrentProcessId
LCMapStringW
OpenProcess
GetCPInfo
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
GetStartupInfoW
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
HeapSize
WideCharToMultiByte
GetModuleFileNameW
TlsFree
SetUnhandledExceptionFilter
WriteFile
CloseHandle
GetSystemTimeAsFileTime
GetACP
HeapReAlloc
DecodePointer
GetModuleHandleW
GetOEMCP
TerminateProcess
IsValidCodePage
HeapCreate
TlsGetValue
Sleep
GetFileType
GetTickCount
TlsSetValue
ExitProcess
GetCurrentThreadId
LeaveCriticalSection
SetLastError
InterlockedIncrement
PE exports
Number of PE resources by type
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 1
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows command line
MachineType Intel 386 or later, and compatibles
TimeStamp 2013:02:12 13:45:43+01:00
FileType Win32 DLL
PEType PE32
CodeSize 19456
LinkerVersion 10.0
FileTypeExtension dll
InitializedDataSize 14848
SubsystemVersion 5.1
EntryPoint 0x16e0
OSVersion 5.1
ImageVersion 0.0
UninitializedDataSize 0

File identification
MD5 adc5f6a521f8a77d0db08505b7034b68
SHA1 6ba54aeedd59cb1a994b75d948c9da7a2d01efee
SHA256 07b2fd450c20d56a84962a0cd71ccc8aaeff13919d6b6f36b49681ec4bece70b
ssdeep

authentihash ca3b56f21a19356205bf5b787e838e3aa3c2c5610a11d284dd7bfa964348870e
imphash d4027bdb037c7551ab9a229dbba73136
File size 34.5 KB ( 35328 bytes )
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (console) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags pedll
VirusTotal metadata
First submission 2013-02-14 10:30:45 UTC (5 years, 4 months ago)
Last submission 2017-11-06 12:34:54 UTC (7 months, 2 weeks ago)
File names password.dll
6ba54aeedd59cb1a994b75d948c9da7a2d01efee
adc5f6a521f8a77d0db08505b7034b68
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight