SHA256: 0239772bbf7ce9469a2e966d640c3ea2fb1042660b0023e02a6c440fb84cab26
File name: demoplayer.dll
Detection ratio: 1 / 56
Analysis date: 2017-02-03 20:28:37 UTC (1 year, 9 months ago)
Antivirus Result Update
Bkav [Armadillo v1.xx - v2.xx] 20170203
Ad-Aware 20170203
AegisLab 20170203
AhnLab-V3 20170203
Alibaba 20170122
ALYac 20170203
Antiy-AVL 20170203
Arcabit 20170203
Avast 20170203
AVG 20170203
Avira (no cloud) 20170203
AVware 20170203
Baidu 20170125
BitDefender 20170203
CAT-QuickHeal 20170203
ClamAV 20170203
CMC 20170203
Comodo 20170203
CrowdStrike Falcon (ML) 20170130
Cyren 20170203
DrWeb 20170203
Emsisoft 20170203
ESET-NOD32 20170203
F-Prot 20170203
F-Secure 20170203
Fortinet 20170203
GData 20170203
Ikarus 20170203
Sophos ML 20170111
Jiangmin 20170203
K7AntiVirus 20170203
K7GW 20170203
Kaspersky 20170203
Kingsoft 20170203
Malwarebytes 20170203
McAfee 20170203
McAfee-GW-Edition 20170203
Microsoft 20170203
eScan 20170203
NANO-Antivirus 20170203
nProtect 20170203
Panda 20170203
Qihoo-360 20170203
Rising 20170203
Sophos AV 20170203
SUPERAntiSpyware 20170203
Symantec 20170203
Tencent 20170203
TheHacker 20170202
TrendMicro 20170203
TrendMicro-HouseCall 20170203
Trustlook 20170203
VBA32 20170203
VIPRE 20170203
ViRobot 20170203
WhiteArmor 20170202
Yandex 20170203
Zillya 20170203
Zoner 20170203
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
Packers identified
PEiD Armadillo v1.xx - v2.xx
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2003-08-15 16:38:13
Entry Point 0x00005DD4
Number of sections 4
PE sections
PE imports
GetLastError
GetEnvironmentVariableA
HeapFree
GetStdHandle
EnterCriticalSection
LCMapStringW
SetHandleCount
GetOEMCP
LCMapStringA
HeapDestroy
ExitProcess
TlsAlloc
FlushFileBuffers
GetEnvironmentStringsW
GetVersionExA
LoadLibraryA
RtlUnwind
GetModuleFileNameA
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetEnvironmentStrings
GetCPInfo
TlsGetValue
MultiByteToWideChar
HeapSize
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
GetStringTypeA
SetStdHandle
SetFilePointer
RaiseException
WideCharToMultiByte
TlsFree
GetModuleHandleA
SetUnhandledExceptionFilter
WriteFile
GetStartupInfoA
CloseHandle
GetACP
HeapReAlloc
GetStringTypeW
GetCurrentThreadId
TerminateProcess
InitializeCriticalSection
HeapCreate
VirtualFree
InterlockedDecrement
GetFileType
TlsSetValue
IsBadCodePtr
HeapAlloc
GetVersion
InterlockedIncrement
VirtualAlloc
SetLastError
LeaveCriticalSection
PE exports
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
TimeStamp 2003:08:15 17:38:13+01:00
FileType Win32 DLL
PEType PE32
CodeSize 53248
LinkerVersion 6.0
FileTypeExtension dll
InitializedDataSize 65536
SubsystemVersion 4.0
EntryPoint 0x5dd4
OSVersion 4.0
ImageVersion 0.0
UninitializedDataSize 0
Compressed bundles
File identification
MD5 50c5e06710a092159f2101e3de56b00e
SHA1 193a84e094aeb89a819865f33bc2dddb6c38d180
SHA256 0239772bbf7ce9469a2e966d640c3ea2fb1042660b0023e02a6c440fb84cab26
ssdeep 1536:fav+DlurqZgNwPRVUrT7DvzugDBUk2pMWoI9ceZ:fa25urm/UbSSWoI9ceZ
authentihash dc44abf02b5692b9de68123a1138d0d3806512218dc9680d969e61e589adfc13
imphash 73e8f79ffade2d3421008522e92a82a9
File size 88.0 KB ( 90112 bytes )
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (35.8%)
Win64 Executable (generic) (31.7%)
Windows screen saver (15.0%)
Win32 Dynamic Link Library (generic) (7.5%)
Win32 Executable (generic) (5.1%)
Tags
armadillo pedll

VirusTotal metadata
First submission 2009-05-30 17:57:03 UTC (9 years, 5 months ago)
Last submission 2017-02-03 20:28:37 UTC (1 year, 9 months ago)
File names smona131485675673115539662
smona131485712288795053018
test.exe
smona131485712277850823368
smona131485675660641570656
DemoPlayer.dll
demoplayer.dll