SHA256: 10f018be8341a82995c8a617b8e16ef5bef28f3f8278bd69224da6c9ac35bbea
File name: chtbrkg.dll
Detection ratio: 1 / 56
Analysis date: 2016-11-12 22:52:54 UTC (2 years, 1 month ago)
Antivirus Result Update
CrowdStrike Falcon (ML) malicious_confidence_84% (D) 20161024
Ad-Aware 20161112
AegisLab 20161112
AhnLab-V3 20161112
Alibaba 20161110
ALYac 20161112
Antiy-AVL 20161112
Arcabit 20161112
Avast 20161112
AVG 20161112
Avira (no cloud) 20161112
AVware 20161112
Baidu 20161111
BitDefender 20161112
Bkav 20161112
CAT-QuickHeal 20161112
ClamAV 20161112
CMC 20161112
Comodo 20161112
Cyren 20161112
DrWeb 20161112
Emsisoft 20161112
ESET-NOD32 20161112
F-Prot 20161112
F-Secure 20161112
Fortinet 20161112
GData 20161112
Ikarus 20161112
Sophos ML 20161018
Jiangmin 20161112
K7AntiVirus 20161112
K7GW 20161112
Kaspersky 20161112
Kingsoft 20161112
Malwarebytes 20161112
McAfee 20161112
McAfee-GW-Edition 20161112
Microsoft 20161112
eScan 20161112
NANO-Antivirus 20161112
nProtect 20161112
Panda 20161112
Qihoo-360 20161112
Rising 20161112
Sophos AV 20161112
SUPERAntiSpyware 20161112
Symantec 20161112
Tencent 20161112
TheHacker 20161111
TrendMicro 20161112
TrendMicro-HouseCall 20161112
VBA32 20161111
VIPRE 20161112
ViRobot 20161112
Yandex 20161112
Zillya 20161111
Zoner 20161112
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright (C) 2016
Original name LSP.dll
Internal name LSP.dll
File version 1.0.0.2
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-10-18 07:58:04
Entry Point 0x0003222D
Number of sections 6
PE sections
PE imports
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA
GetStdHandle
InterlockedPopEntrySList
WaitForSingleObject
SignalObjectAndWait
CreateTimerQueue
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
EnumSystemLocalesW
FreeEnvironmentStringsW
InitializeSListHead
GetLocaleInfoW
SetStdHandle
WideCharToMultiByte
WriteFile
GetSystemTimeAsFileTime
SetThreadAffinityMask
GetThreadTimes
HeapReAlloc
GetStringTypeW
GetOEMCP
GetThreadPriority
FreeLibraryAndExitThread
OutputDebugStringW
FindClose
TlsGetValue
FormatMessageA
EncodePointer
OutputDebugStringA
InterlockedPushEntrySList
SetLastError
GetModuleFileNameW
TryEnterCriticalSection
IsDebuggerPresent
HeapAlloc
GetModuleFileNameA
SetThreadPriority
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
SetFilePointerEx
DeleteTimerQueueTimer
RegisterWaitForSingleObject
CreateThread
InterlockedFlushSList
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
DecodePointer
TerminateProcess
GetModuleHandleExW
GlobalAlloc
ChangeTimerQueueTimer
ReadConsoleW
GetCurrentThreadId
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
TerminateThread
LoadLibraryW
GetVersionExW
SetEvent
QueryPerformanceCounter
GetTickCount
TlsAlloc
VirtualProtect
FlushFileBuffers
RtlUnwind
FreeLibrary
GetFileSize
GetStartupInfoW
DeleteFileW
GetProcAddress
GetProcessHeap
QueryDepthSList
CompareStringW
ExpandEnvironmentStringsW
FindFirstFileExA
ResetEvent
CreateTimerQueueTimer
FindNextFileA
IsValidLocale
DuplicateHandle
GetUserDefaultLCID
GetProcessAffinityMask
CreateEventW
CreateFileW
CreateEventA
GetFileType
TlsSetValue
ExitProcess
LeaveCriticalSection
GetLastError
LCMapStringW
GlobalFree
GetConsoleCP
UnregisterWaitEx
GetEnvironmentStringsW
WaitForSingleObjectEx
SwitchToThread
UnregisterWait
GetCurrentProcessId
GetCommandLineW
GetCPInfo
HeapSize
GetCommandLineA
GetCurrentThread
RaiseException
ReleaseSemaphore
TlsFree
GetModuleHandleA
ReadFile
CloseHandle
GetACP
GetModuleHandleW
GetFileAttributesExW
GetLogicalProcessorInformation
GetNumaHighestNodeNumber
IsValidCodePage
GetTempPathW
VirtualFree
Sleep
VirtualAlloc
StrStrIA
PathFindFileNameW
IsCharAlphaNumericA
MessageBoxA
setsockopt
socket
getprotobyname
recv
WSACloseEvent
send
WSACreateEvent
WSAStartup
gethostbyname
WSCGetProviderPath
connect
WSCEnumProtocols
WSAResetEvent
htons
closesocket
PE exports
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
CHINESE SIMPLIFIED 1
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize 0
InitializedDataSize 160768
ImageVersion 0.0
FileVersionNumber 1.0.0.2
LanguageCode Process default
FileFlagsMask 0x003f
CharacterSet Unicode
LinkerVersion 14.0
FileTypeExtension dll
OriginalFileName LSP.dll
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 1.0.0.2
TimeStamp 2016:10:18 08:58:04+01:00
FileType Win32 DLL
PEType PE32
InternalName LSP.dll
ProductVersion 1.0.0.2
SubsystemVersion 6.0
OSVersion 6.0
FileOS Windows NT 32-bit
LegalCopyright Copyright (C) 2016
MachineType Intel 386 or later, and compatibles
CodeSize 416768
FileSubtype 0
ProductVersionNumber 1.0.0.2
EntryPoint 0x3222d
ObjectFileType Dynamic link library

File identification
MD5 dfa4bc1929fd3757bfb79591f9b81409
SHA1 50b3cbeaf0978d02daf5389175c0080c441d10d5
SHA256 10f018be8341a82995c8a617b8e16ef5bef28f3f8278bd69224da6c9ac35bbea
ssdeep
12288:cj4iXiGvv4JGydHFD0XEPT5Y239VkK1EgiuWZ/4NT2MQ:a3yfQmlwXEPMK1JiuWZ/AT7

authentihash dd0e65aeadb221b255ce7bcbf1e864fb726ca64e7133043c1c4d73bcadae7b2e
imphash 4794e387180c06d9641346fdfcecbc9f
File size 554.5 KB ( 567808 bytes )
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags pedll
VirusTotal metadata
First submission 2016-10-18 10:34:10 UTC (2 years, 2 months ago)
Last submission 2017-01-17 16:29:40 UTC (1 year, 11 months ago)
File names chtbrkg.dll
LSP.dll