SHA256: 604b90a979307f938b5dfc0e5ea59f8a52c580e983295bab4c09e4f9f5295e8e
File name: ards_mfc.dll
Detection ratio: 1 / 52
Analysis date: 2014-05-14 13:26:38 UTC (3 years, 11 months ago)
Antivirus Result Update
Symantec WS.Reputation.1 20140514
Ad-Aware 20140514
AegisLab 20140514
Yandex 20140514
AhnLab-V3 20140513
AntiVir 20140514
Antiy-AVL 20140514
Avast 20140514
AVG 20140514
Baidu-International 20140514
BitDefender 20140514
Bkav 20140514
ByteHero 20140514
CAT-QuickHeal 20140514
ClamAV 20140514
CMC 20140512
Commtouch 20140514
Comodo 20140514
DrWeb 20140514
Emsisoft 20140514
ESET-NOD32 20140514
F-Prot 20140514
F-Secure 20140514
Fortinet 20140514
GData 20140514
Ikarus 20140514
Jiangmin 20140514
K7AntiVirus 20140513
K7GW 20140514
Kaspersky 20140514
Kingsoft 20140514
Malwarebytes 20140514
McAfee 20140514
McAfee-GW-Edition 20140514
Microsoft 20140514
eScan 20140514
NANO-Antivirus 20140514
Norman 20140514
nProtect 20140514
Panda 20140514
Qihoo-360 20140514
Rising 20140507
Sophos AV 20140514
SUPERAntiSpyware 20140514
Tencent 20140514
TheHacker 20140513
TotalDefense 20140514
TrendMicro 20140514
TrendMicro-HouseCall 20140514
VBA32 20140514
VIPRE 20140514
ViRobot 20140514
Zillya 20140512
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright (C) 2012
Product ards_mfc ??????? ??? ??????
Original name ards_mfc.DLL
Internal name ards_mfc
File version 1, 0, 0, 1
Description ards_mfc DLL
Packers identified
PEiD Armadillo v1.xx - v2.xx
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-03-17 00:22:17
Entry Point 0x00001CED
Number of sections 5
PE sections
PE imports
LocalFree
WriteProcessMemory
LocalAlloc
OpenProcess
CloseHandle
ReadProcessMemory
__CxxFrameHandler
malloc
??2@YAPAXI@Z
??1type_info@@UAE@XZ
_adjust_fdiv
free
_onexit
__dllonexit
_initterm
PE exports
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
JAPANESE DEFAULT 1
PE resources
ExifTool file metadata
SubsystemVersion 4.0
LinkerVersion 6.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 1.0.0.1
UninitializedDataSize 0
LanguageCode Japanese
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 20480
FileOS Win32
MIMEType application/octet-stream
LegalCopyright Copyright (C) 2012
FileVersion 1, 0, 0, 1
TimeStamp 2012:03:17 01:22:17+01:00
FileType Win32 DLL
PEType PE32
InternalName ards_mfc
FileAccessDate 2014:05:14 14:26:50+01:00
ProductVersion 1, 0, 0, 1
FileDescription ards_mfc DLL
OSVersion 4.0
FileCreateDate 2014:05:14 14:26:50+01:00
OriginalFilename ards_mfc.DLL
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CodeSize 4096
ProductName ards_mfc
ProductVersionNumber 1.0.0.1
EntryPoint 0x1ced
ObjectFileType Dynamic link library

File identification
MD5 0bc291375bf691c432c66e7b61bcb266
SHA1 32c47666322de9246a27225bb7c655230c65746c
SHA256 604b90a979307f938b5dfc0e5ea59f8a52c580e983295bab4c09e4f9f5295e8e
ssdeep 96:5jtk6ix+oWsXSdj1V09eyLhizOrCO1hRNmz4ryOg4rngXuw3Vb5oS1Jo:5Kx+oWsXSdj1ByLwWjFw6ywn05J5oS6
imphash 0b1708882da0be59992476ee67d41d9a
File size 24.0 KB ( 24576 bytes )
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags armadillo pedll
VirusTotal metadata
First submission 2012-04-20 13:00:32 UTC (6 years ago)
Last submission 2014-05-14 13:26:38 UTC (3 years, 11 months ago)
File names vti-rescan
ards_mfc
smona_604b90a979307f938b5dfc0e5ea59f8a52c580e983295bab4c09e4f9f5295e8e.bin
ards_mfc.dll
ards_mfc.DLL
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight