SHA256: d93b9d3bb342b98a5b33764d123dcf230087dab401728fdd86b091b359cee9bb
File name: npswf32.dll
Detection ratio: 0 / 57
Analysis date: 2015-03-27 13:52:36 UTC (5 months, 1 week ago)
Looks harmless! With a high degree of confidence it can be assumed that the file is safe to use.
Antivirus Result Update date
ALYac 20150327
AVG 20150327
AVware 20150327
Ad-Aware 20150327
AegisLab 20150327
Agnitum 20150325
AhnLab-V3 20150327
Alibaba 20150327
Antiy-AVL 20150327
Avast 20150327
Avira 20150327
Baidu-International 20150327
BitDefender 20150327
Bkav 20150327
ByteHero 20150327
CAT-QuickHeal 20150327
CMC 20150325
ClamAV 20150327
Comodo 20150327
Cyren 20150327
DrWeb 20150327
ESET-NOD32 20150327
Emsisoft 20150327
F-Prot 20150327
F-Secure 20150327
Fortinet 20150327
GData 20150327
Ikarus 20150327
Jiangmin 20150326
K7AntiVirus 20150327
K7GW 20150327
Kaspersky 20150327
Kingsoft 20150327
Malwarebytes 20150327
McAfee 20150327
McAfee-GW-Edition 20150327
MicroWorld-eScan 20150327
Microsoft 20150327
NANO-Antivirus 20150327
Norman 20150327
Panda 20150327
Qihoo-360 20150327
Rising 20150327
SUPERAntiSpyware 20150327
Sophos 20150327
Symantec 20150327
Tencent 20150327
TheHacker 20150324
TotalDefense 20150327
TrendMicro 20150327
TrendMicro-HouseCall 20150327
VBA32 20150327
VIPRE 20150327
ViRobot 20150327
Zillya 20150327
Zoner 20150327
nProtect 20150327
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
Adobe® Flash® Player. Copyright © 1996-2011 Adobe Systems Incorporated. All Rights Reserved. Adobe and Flash are either trademarks or registered trademarks in the United States and/or other countries.

Publisher Adobe Systems Incorporated
Product Shockwave Flash
Original name npswf32.dll
Internal name Adobe Flash Player 11.1
File version 11,1,102,55
Description Shockwave Flash 11.1 r102
Signature verification Signed file, verified signature
Signing date 6:42 AM 11/1/2011
Signers
[+] Adobe Systems Incorporated
Status Certificate out of its validity period
Valid from 1:00 AM 12/15/2010
Valid to 12:59 AM 12/15/2012
Valid usage Code Signing
Algorithm SHA1
Thumbprint FDF01DD3F37C66AC4C779D92623C77814A07FE4C
Serial number 15 E5 AC 0A 48 70 63 71 8E 39 DA 52 30 1A 04 88
[+] VeriSign Class 3 Code Signing 2010 CA
Status Valid
Valid from 1:00 AM 2/8/2010
Valid to 12:59 AM 2/8/2020
Valid usage Client Auth, Code Signing
Algorithm SHA1
Thumbprint 495847A93187CFB8C71F840CB7B41497AD95C64F
Serial number 52 00 E5 AA 25 56 FC 1A 86 ED 96 C9 D4 4B 33 C7
[+] VeriSign
Status Valid
Valid from 1:00 AM 11/8/2006
Valid to 12:59 AM 7/17/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm SHA1
Thumbprint 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
Serial number 18 DA D1 9E 26 7D E8 BB 4A 21 58 CD CC 6B 3B 4A
Counter signers
[+] VeriSign Time Stamping Services Signer - G2
Status Certificate out of its validity period
Valid from 1:00 AM 6/15/2007
Valid to 12:59 AM 6/15/2012
Valid usage Timestamp Signing
Algorithm SHA1
Thumbprint ADA8AAA643FF7DC38DD40FA4C97AD559FF4846DE
Serial number 38 25 D7 FA F8 61 AF 9E F4 90 E7 26 B5 D6 5A D5
[+] VeriSign Time Stamping Services CA
Status Certificate out of its validity period
Valid from 1:00 AM 12/4/2003
Valid to 12:59 AM 12/4/2013
Valid usage Timestamp Signing
Algorithm SHA1
Thumbprint F46AC0C6EFBB8C6A14F55F09E2D37DF4C0DE012D
Serial number 47 BF 19 95 DF 8D 52 46 43 F7 DB 6D 48 0D 31 A4
[+] Thawte Timestamping CA
Status Valid
Valid from 1:00 AM 1/1/1997
Valid to 12:59 AM 1/1/2021
Valid usage Timestamp Signing
Algorithm MD5
Thumbprint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2011-11-01 05:42:38
Entry Point 0x005B9DE1
Number of sections 7
PE sections
PE imports
RegOpenKeyA
RegCloseKey
RegQueryValueExA
CryptGenRandom
RegOpenKeyExW
CryptAcquireContextW
RegSetValueExA
CryptReleaseContext
RegDeleteValueA
RegCreateKeyExA
RegOpenKeyExA
RegCreateKeyA
RegQueryValueExW
PrintDlgW
GetSaveFileNameW
CommDlgExtendedError
GetOpenFileNameW
CertEnumCertificatesInStore
CertVerifySubjectCertificateContext
CertOpenStore
CertAddStoreToCollection
CertCreateCertificateContext
CertCompareCertificate
CertCloseStore
CertFreeCertificateContext
CertNameToStrW
CertRDNValueToStrW
CertAddCertificateContextToStore
CertFindCertificateInStore
CryptDecodeObjectEx
CryptVerifyMessageSignature
CertVerifyTimeValidity
CryptFindOIDInfo
CertVerifyRevocation
CertFindRDNAttr
CryptGetMessageCertificates
CertCompareCertificateName
SetGraphicsMode
GetTextMetricsW
GetSystemPaletteEntries
SetStretchBltMode
CreatePen
GetBkMode
SaveDC
CreateFontIndirectA
PolyBezierTo
LPtoDP
GetClipBox
Rectangle
GetDeviceCaps
CreateDCA
LineTo
DeleteDC
EndDoc
RestoreDC
SetBkMode
EnumFontFamiliesW
GetICMProfileA
GetWorldTransform
StretchBlt
SetPixel
SetWorldTransform
CreateSolidBrush
StartPage
IntersectClipRect
BitBlt
GdiFlush
CreateDIBSection
GetObjectW
EnumFontFamiliesA
RealizePalette
SetTextColor
CreateFontIndirectW
GetCurrentObject
MoveToEx
ExtTextOutW
FillPath
CreateBitmap
RectVisible
CreatePalette
GetStockObject
EnumFontFamiliesExW
SelectPalette
GetFontData
ExtTextOutA
StrokePath
GetTextExtentPoint32W
SetTextAlign
SelectClipRgn
CreateCompatibleDC
GetTextAlign
StartDocW
StretchDIBits
GetBkColor
EndPage
CreateRectRgn
GetClipRgn
GetTextExtentPoint32A
SetPolyFillMode
GetTextColor
GetStretchBltMode
DPtoLP
ExtCreatePen
SelectObject
SetBkColor
SetTextCharacterExtra
BeginPath
DeleteObject
GetTextCharacterExtra
SelectClipPath
EndPath
GetStdHandle
GetConsoleOutputCP
ReleaseMutex
CreateWaitableTimerA
GetFileAttributesA
WaitForSingleObject
HeapDestroy
QueueUserAPC
VerifyVersionInfoW
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
EnumSystemLocalesW
FreeEnvironmentStringsW
UnhandledExceptionFilter
GetFileInformationByHandle
GetLocaleInfoW
SetStdHandle
FindResourceExA
WideCharToMultiByte
GetStringTypeA
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
SetThreadAffinityMask
HeapReAlloc
GetStringTypeW
SetEvent
LocalFree
SetWaitableTimer
GetEnvironmentVariableA
LoadResource
FindClose
InterlockedDecrement
OutputDebugStringA
GetEnvironmentVariableW
SetLastError
GetUserDefaultUILanguage
GetSystemTime
OpenThread
InitializeCriticalSection
GetUserDefaultLangID
RemoveDirectoryW
IsDebuggerPresent
ExitProcess
FlushFileBuffers
GetModuleFileNameA
GetFileAttributesW
RaiseException
SetThreadPriority
GetUserDefaultLCID
GetVolumeInformationW
TlsGetValue
MultiByteToWideChar
SetFilePointerEx
FlushInstructionCache
CreateMutexA
CreateEventW
_lclose
InterlockedExchangeAdd
CreateSemaphoreA
CreateThread
MoveFileExW
GetSystemDirectoryW
CreateSemaphoreW
GetStartupInfoA
IsProcessorFeaturePresent
GetSystemDirectoryA
SetEnvironmentVariableA
TerminateProcess
SetUnhandledExceptionFilter
WriteConsoleA
GetVersion
SetCurrentDirectoryW
VirtualQuery
SetEndOfFile
GetLocaleInfoA
GetCurrentThreadId
GetProcAddress
SleepEx
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
TerminateThread
LoadLibraryW
DeviceIoControl
GetVersionExW
FreeLibrary
QueryPerformanceCounter
GetTickCount
TlsAlloc
VirtualProtect
GetVersionExA
LoadLibraryA
RtlUnwind
ExitThread
GlobalSize
LeaveCriticalSection
GetFileSize
CreateDirectoryA
DeleteFileA
GetDateFormatW
CreateDirectoryW
DeleteFileW
GlobalLock
GetProcessHeap
GetTempFileNameW
GetTimeFormatW
GetFileSizeEx
GetModuleFileNameW
ExpandEnvironmentStringsW
FindNextFileW
GetModuleHandleA
lstrcpyA
ResetEvent
GetTempFileNameA
CreateFileMappingA
FindFirstFileW
WaitForMultipleObjects
ExpandEnvironmentStringsA
GetProcessAffinityMask
GetTimeZoneInformation
CreateFileW
CreateEventA
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
GetCurrencyFormatW
InterlockedIncrement
GetLastError
IsValidCodePage
SystemTimeToFileTime
LCMapStringW
HeapCreate
GetSystemInfo
lstrlenA
GlobalFree
GetConsoleCP
LCMapStringA
CompareStringW
GetProcessTimes
GetEnvironmentStringsW
GlobalUnlock
IsDBCSLeadByte
GlobalAlloc
lstrlenW
GetCPInfo
OpenFile
CancelWaitableTimer
SwitchToThread
SizeofResource
CompareFileTime
GetCurrentProcessId
LockResource
GetCurrentDirectoryA
HeapSize
GetCommandLineA
VerSetConditionMask
InterlockedCompareExchange
GetCurrentThread
GetTempPathA
QueryPerformanceFrequency
ReleaseSemaphore
MapViewOfFile
TlsFree
SetFilePointer
ReadFile
CloseHandle
GetACP
GetModuleHandleW
FreeResource
_lwrite
GetFileAttributesExW
FindResourceExW
GetEnvironmentStrings
CreateProcessA
GetCurrentDirectoryW
UnmapViewOfFile
GetTempPathW
GetNumberFormatW
VirtualFree
Sleep
FindResourceA
VirtualAlloc
GetOEMCP
CompareStringA
LoadRegTypeLib
SysStringLen
UnRegisterTypeLib
RegisterTypeLib
SysAllocString
LoadTypeLib
SysFreeString
UuidToStringA
RpcStringFreeA
SHGetFolderPathW
SHBrowseForFolderW
SHFileOperationW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHAppBarMessage
SHGetFolderPathA
SHGetDiskFreeSpaceExW
RedrawWindow
GetForegroundWindow
MoveWindow
DestroyMenu
PostQuitMessage
SetWindowPos
IsWindow
EndPaint
WindowFromPoint
SetMenuItemInfoW
GetDC
GetCursorPos
ReleaseDC
SendMessageW
UnregisterClassA
GetClientRect
SetCaretPos
IsClipboardFormatAvailable
LoadImageW
ClientToScreen
GetTopWindow
ShowCaret
DestroyWindow
GetParent
GetPropW
RegisterWindowMessageA
CreateCaret
ShowWindow
SetMenuInfo
SetPropW
GetClipboardFormatNameA
PeekMessageW
EnumDisplayDevicesA
InsertMenuItemW
MapWindowPoints
EnumDisplaySettingsW
DestroyCaret
RegisterClassW
GetQueueStatus
SetClipboardData
LoadStringW
DrawMenuBar
EnableMenuItem
EnumDisplayDevicesW
GetSubMenu
SetTimer
GetKeyboardLayout
FillRect
CopyRect
WaitForInputIdle
CreateWindowExW
CreateMenu
GetWindowInfo
GetMenuItemInfoW
SetFocus
GetMonitorInfoW
PostMessageA
BeginPaint
OffsetRect
DefWindowProcW
KillTimer
MapVirtualKeyW
SendNotifyMessageW
GetClipboardData
GetClassInfoExW
GetSystemMetrics
SetWindowLongW
GetWindowRect
RegisterClassA
SetCapture
ReleaseCapture
PostMessageW
SetWindowTextA
CheckMenuItem
SetWindowTextW
CreateWindowExA
GetDlgItem
SendInput
ScreenToClient
TrackPopupMenu
DialogBoxIndirectParamW
GetDesktopWindow
LoadCursorW
LoadIconW
OpenClipboard
EmptyClipboard
EndDialog
CreateIconIndirect
GetCapture
CreatePopupMenu
RemoveMenu
GetWindowThreadProcessId
MessageBoxW
RegisterClassExW
RegisterClipboardFormatA
SetRectEmpty
DialogBoxParamW
MessageBoxA
SendMessageTimeoutW
RegisterClipboardFormatW
GetKeyState
UpdateLayeredWindow
GetDoubleClickTime
DestroyIcon
GetWindowLongW
IsWindowVisible
SystemParametersInfoW
MonitorFromWindow
SetRect
InvalidateRect
CallWindowProcW
GetCursor
GetFocus
CloseClipboard
SetCursor
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueA
HttpOpenRequestA
InternetReadFile
InternetCloseHandle
InternetOpenA
InternetConnectA
InternetSetOptionW
HttpSendRequestW
timeKillEvent
waveOutReset
waveInOpen
waveOutUnprepareHeader
waveOutGetDevCapsA
timeSetEvent
waveInStop
mixerGetLineControlsA
waveOutGetDevCapsW
waveOutGetPosition
timeBeginPeriod
mixerGetLineInfoA
mixerOpen
waveInPrepareHeader
waveInGetDevCapsA
waveOutPause
waveInMessage
timeEndPeriod
waveInGetDevCapsW
waveOutClose
waveOutMessage
waveInAddBuffer
timeGetTime
waveOutGetNumDevs
waveInClose
timeGetDevCaps
waveOutRestart
waveInGetNumDevs
mixerGetID
mixerGetDevCapsA
waveOutOpen
mixerSetControlDetails
waveInUnprepareHeader
mixerClose
waveOutPrepareHeader
waveInGetPosition
mixerGetControlDetailsA
waveInStart
waveOutWrite
waveInReset
htonl
ioctlsocket
WSAStartup
WSASocketW
getsockname
WSAAddressToStringA
htons
WSASetLastError
select
gethostname
closesocket
WSACloseEvent
ntohl
inet_addr
send
getservbyport
ntohs
WSAGetLastError
gethostbyaddr
connect
WSACleanup
gethostbyname
inet_ntoa
WSAAsyncSelect
recv
WSAIoctl
setsockopt
socket
bind
recvfrom
WSAEnumNetworkEvents
WSAEventSelect
sendto
WSACreateEvent
getservbyname
TranslateBitmapBits
DeleteColorTransform
CloseColorProfile
OpenColorProfileW
CreateColorTransformW
OleUninitialize
CoUninitialize
CoInitialize
OleInitialize
OleFlushClipboard
ReleaseStgMedium
CoCreateInstance
CreateBindCtx
OleSetClipboard
OleGetClipboard
OleIsCurrentClipboard
PropVariantClear
CoTaskMemFree
CoTaskMemAlloc
CopyStgMedium
PE exports
Number of PE resources by type
RT_STRING 64
RT_MENU 48
RT_DIALOG 17
RT_ICON 5
RT_CURSOR 5
RT_GROUP_CURSOR 3
RT_VERSION 2
RT_MANIFEST 1
TYPELIB 1
JAVACLASS 1
RT_BITMAP 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 28
TURKISH DEFAULT 9
SWEDISH NEUTRAL 8
GERMAN 8
CHINESE TRADITIONAL 8
DUTCH 8
FRENCH 8
CHINESE SIMPLIFIED 8
PORTUGUESE BRAZILIAN 8
JAPANESE DEFAULT 8
SPANISH MODERN 8
POLISH DEFAULT 8
CZECH DEFAULT 8
RUSSIAN 8
KOREAN 8
ITALIAN 8
ExifTool file metadata
LegalTrademarks
Adobe Flash Player

SubsystemVersion
5.0

InitializedDataSize
1905664

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
11.1.102.55

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
Shockwave Flash 11.1 r102

CharacterSet
Windows, Latin1

LinkerVersion
9.0

FileOS
Win32

MIMEType
application/x-shockwave-flash|application/futuresplash

LegalCopyright
Adobe Flash Player. Copyright 1996-2011 Adobe Systems Incorporated. All Rights Reserved. Adobe and Flash are either trademarks or registered trademarks in the United States and/or other countries.

FileExtents
swf|spl|mfp

FileOpenName
Adobe Flash movie (*.swf)|FutureSplash movie (*.spl)|Adobe Flash Paper (*.mfp)

FileVersion
11,1,102,55

TimeStamp
2011:11:01 06:42:38+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
Adobe Flash Player 11.1

ProductVersion
11,1,102,55

UninitializedDataSize
0

OSVersion
5.0

OriginalFilename
npswf32.dll

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

Debugger
0

CompanyName
Adobe Systems, Inc.

CodeSize
6614528

ProductName
Shockwave Flash

ProductVersionNumber
11.1.102.55

EntryPoint
0x5b9de1

ObjectFileType
Dynamic link library

CarbonBlack CarbonBlack acts as a surveillance camera for computers
While monitoring an end-user machine in-the-wild, CarbonBlack noticed the following files in execution wrote this sample to disk.
PE resource-wise parents
Compressed bundles
File identification
MD5 de3745a51b7ac7fedc356a83f76c8023
SHA1 7043c94cde62cec4fc5840121b7944463b227411
SHA256 d93b9d3bb342b98a5b33764d123dcf230087dab401728fdd86b091b359cee9bb
ssdeep
196608:hiNCwoC243SsEPRASaRqrOiF5bnm6SzEBgQpqxLmntSXuFhbsBOp8m:gcjC2FOSMiF5y6Sz8tpqxLmntSXunp8m

authentihash b43776bd25ee765b2bd2c51d6064f172505e4afce263f2c63937dc92f1f769b3
imphash 6599203ecf57ac34a728919100121e0d
File size 8.1 MB ( 8527008 bytes )
File type Win32 DLL
Description
PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID Win32 EXE PECompact compressed (generic) (82.9%)
Win32 Executable (generic) (9.0%)
Generic Win/DOS Executable (3.9%)
DOS Executable Generic (3.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags
pedll signed

VirusTotal metadata
First submission 2011-11-10 22:18:34 UTC (3 years, 9 months ago)
Last submission 2015-03-27 13:52:36 UTC (5 months, 1 week ago)
File names smona132748821848024706738
smona132125416757700218764
NPSWF32.exe_
de3745a51b7ac7fedc356a83f76c8023
smona132099974917184221038
smona132208692556151677597
NPSWF32.dll_1.exe
d93b9d3bb342b98a5b33764d123dcf230087dab401728fdd86b091b359cee9bb.log
NPSWF32.dll
smona132432939412480916985
101.exe
NPSWF32.dll
file-3131102_dll
npswf32.dll
7043c94cde62cec4fc5840121b7944463b227411
smona_d93b9d3bb342b98a5b33764d123dcf230087dab401728fdd86b091b359cee9bb.bin
Adobe Flash Player 11.1
NPSWF32.exe_ - 保留(普通にFLASHっぽい)
smona132551719519550469718
smona132102860587497104689