SHA256: 3c8dad7f421d59b1a25fcbfa39feafae845c561173ea313b985d4b9c3e65a566
File name: MelvPE v116.2.dll
Detection ratio: 0 / 55
Analysis date: 2016-01-04 20:57:06 UTC (2 years, 10 months ago)
Antivirus Result Version
Ad-Aware 20160104
AegisLab 20160104
Yandex 20160103
AhnLab-V3 20160104
Alibaba 20160104
ALYac 20160104
Antiy-AVL 20160104
Arcabit 20160104
Avast 20160104
AVG 20160104
Avira (no cloud) 20160104
AVware 20160104
Baidu-International 20160104
BitDefender 20160104
Bkav 20160104
ByteHero 20160104
CAT-QuickHeal 20160104
ClamAV 20160104
CMC 20160104
Comodo 20160104
Cyren 20160104
DrWeb 20160104
Emsisoft 20160104
ESET-NOD32 20160104
F-Prot 20160104
F-Secure 20160104
Fortinet 20160104
GData 20160104
Ikarus 20151231
Jiangmin 20160104
K7AntiVirus 20160104
K7GW 20160104
Kaspersky 20160104
Malwarebytes 20160104
McAfee 20160104
McAfee-GW-Edition 20160104
Microsoft 20160104
eScan 20160104
NANO-Antivirus 20160104
nProtect 20160104
Panda 20160104
Qihoo-360 20160104
Rising 20160104
Sophos AV 20160104
SUPERAntiSpyware 20160104
Symantec 20160104
Tencent 20160104
TheHacker 20160103
TrendMicro 20160104
TrendMicro-HouseCall 20160104
VBA32 20160102
VIPRE 20160104
ViRobot 20160104
Zillya 20160104
Zoner 20160104
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-01-04 20:55:13
Entry Point 0x0000B9C8
Number of sections 5
.NET details
Module Version ID b43f0bf9-e154-4092-8465-e9184bd86b3a
PE sections
PE imports
IsProcessorFeaturePresent
QueryPerformanceCounter
GetPrivateProfileStringA
WritePrivateProfileStringA
GetCurrentProcessId
GetPrivateProfileIntA
GlobalAlloc
CreateThread
IsDebuggerPresent
Sleep
CloseHandle
GetSystemTimeAsFileTime
VirtualProtect
GlobalUnlock
WideCharToMultiByte
GlobalLock
DecodePointer
GetCurrentThreadId
EncodePointer
GlobalFree
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?_Xout_of_range@std@@YAXPBD@Z
??Bid@locale@std@@QAEIXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?out@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?_Syserror_map@std@@YAPBDH@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?_BADOFF@std@@3_JB
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?_Winerror_map@std@@YAPBDH@Z
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?_Xlength_error@std@@YAXPBD@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1_Lockit@std@@QAE@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0_Lockit@std@@QAE@H@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?in@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?uncaught_exception@std@@YA_NXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?id@?$codecvt@DDH@std@@2V0locale@2@A
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?_Xbad_alloc@std@@YAXXZ
?always_noconv@codecvt_base@std@@QBE_NXZ
?_Xoverflow_error@std@@YAXPBD@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?unshift@?$codecvt@DDH@std@@QBEHAAHPAD1AAPAD@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
_malloc_crt
rand
??0bad_cast@std@@QAE@ABV01@@Z
_lock
__CxxRegisterExceptionObject
fputc
fgetc
??1type_info@@UAE@XZ
__crtTerminateProcess
memset
fclose
__dllonexit
vsprintf_s
fflush
_onexit
__clean_type_info_names_internal
_amsg_exit
??1bad_cast@std@@UAE@XZ
__CxxDetectRethrow
__FrameUnwindFilter
??2@YAPAXI@Z
fwrite
fgetpos
__CxxExceptionFilter
fsetpos
sscanf_s
??_V@YAXPAX@Z
_initterm_e
__CxxUnregisterExceptionObject
sprintf
_cexit
__CxxQueryExceptionSize
_CxxThrowException
?terminate@@YAXXZ
_unlock
_crt_debugger_hook
??3@YAXPAX@Z
free
memcpy_s
_except_handler4_common
_fseeki64
_purecall
memcpy
??0exception@std@@QAE@ABV01@@Z
__crtUnhandledException
??0bad_cast@std@@QAE@PBD@Z
memmove
__CxxFrameHandler3
_lock_file
_calloc_crt
__CppXcptFilter
ungetc
_initterm
_unlock_file
setvbuf
ShellExecuteA
GetWindowThreadProcessId
EmptyClipboard
GetClassNameW
GetTopWindow
SetClipboardData
MessageBoxA
CloseClipboard
GetWindow
OpenClipboard
htonl
socket
recv
send
WSACleanup
WSAStartup
gethostbyname
connect
htons
closesocket
_CorDllMain
Number of PE resources by type
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension dll
TimeStamp 2016:01:04 21:55:13+01:00
FileType Win32 DLL
PEType PE32
CodeSize 44544
LinkerVersion 12.0
EntryPoint 0xb9c8
InitializedDataSize 584192
SubsystemVersion 6.0
ImageVersion 0.0
OSVersion 6.0
UninitializedDataSize 0

File identification
MD5 ca551ad6912aecf62854321331cb1a5d
SHA1 457e1715d0fc3dd4c56d5a21d10188657e54e864
SHA256 3c8dad7f421d59b1a25fcbfa39feafae845c561173ea313b985d4b9c3e65a566
ssdeep 1536:4diskhwQU3aYDY9jaDY9j7C8sY4Trap7KeCmjQfugq2z8soVaYQH3yV1vvNhLzqd:UiskWQioKeSugJYsLYZvVhi2M
authentihash 54cdf997b89c2c086ce6e73938c8d00ae34dc7113efebc42e9e2963b6f4182db
imphash 41a741b881bb9de26b754b12ac4b6f14
File size 202.5 KB ( 207360 bytes )
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit Mono/.Net assembly
TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Tags assembly pedll

VirusTotal metadata
First submission 2016-01-04 20:57:06 UTC (2 years, 10 months ago)
Last submission 2016-01-04 20:57:06 UTC (2 years, 10 months ago)
File names MelvPE v116.2.dll