SHA256: 03f50d6804c2a86fbdef01e95913694546c5a594139418c8763c192ef1dabd6e
File name: malware2.dll
Detection ratio: 11 / 57
Analysis date: 2016-09-01 08:55:53 UTC ( 1 year, 2 months ago )

Detections (11 of 57 engines):

Antivirus                 Result                                       Update
Baidu                     Win32.Trojan.WisdomEyes.151026.9950.9998     20160901
Bkav                      HW32.Packed.E393                             20160831
CrowdStrike Falcon (ML)   malicious_confidence_100% (D)                20160725
Sophos ML                 virus.win32.ramnit.j                         20160830
Kaspersky                 HEUR:Trojan.Win32.Generic                    20160901
McAfee                    Ransomware-FRW!B77D1FDC3B51                  20160901
McAfee-GW-Edition         BehavesLike.Win32.Expiro.cc                  20160901
Qihoo-360                 HEUR/QVM40.1.0000.Malware.Gen                20160901
Rising                    Malware.Generic!4ISnBIWlqyQ@6 (thunder)      20160901
Sophos AV                 Mal/RansomDl-B                               20160901
Symantec                  Heur.AdvML.B                                 20160901

Most of the 11 verdicts are heuristic, generic or machine-learning labels (Kaspersky HEUR, Qihoo-360 HEUR, Symantec Heur.AdvML, CrowdStrike Falcon (ML), Sophos ML, Rising Generic) rather than family signatures. The McAfee name Ransomware-FRW!B77D1FDC3B51 embeds the first twelve hex digits of the sample's MD5 (b77d1fdc3b51...), so it is a per-sample hash signature. The family attributions that are given disagree with each other (Ramnit, Expiro, a ransomware label), so the "ransomware" classification is unconfirmed by static scanning alone.

Undetected (46 engines; signature database date shown):
20160901: Ad-Aware, AegisLab, AhnLab-V3, Alibaba, ALYac, Antiy-AVL, Arcabit, Avast, AVG, Avira (no cloud), AVware, BitDefender, ClamAV, CMC, Comodo, Cyren, DrWeb, Emsisoft, ESET-NOD32, F-Prot, F-Secure, Fortinet, GData, Ikarus, Jiangmin, K7AntiVirus, K7GW, Kingsoft, Malwarebytes, Microsoft, eScan, NANO-Antivirus, nProtect, Tencent, TrendMicro, TrendMicro-HouseCall, ViRobot, Zillya, Zoner
20160831: CAT-QuickHeal, Panda, SUPERAntiSpyware, VBA32, VIPRE, Yandex
20160829: TheHacker
The file is a Portable Executable: a 32-bit Win32 DLL built for the Windows GUI subsystem. Note that its version resource (below) gives the original file name as Backup.exe, an executable name, which does not match the DLL it is attached to, and that the compilation timestamp (2016-09-01 05:44:21) falls about three hours before the first submission to VirusTotal.
FileVersionInfo properties
Copyright: Copyright© 2015 IObit. All Rights Reserved.
Product: Driver Booster
Original name: Backup.exe
Internal name: Backup
File version: 3.0.2.0
Description: Driver Booster Backup
Comments: Driver Booster Backup

PE header basic information
Target machine: Intel 386 or later processors and compatible processors
Compilation timestamp: 2016-09-01 05:44:21
Entry Point: 0x0000599D
Number of sections: 6
PE sections
PE imports (function names only; the importing DLL for each name is not shown)
CryptDestroyKey
RegCreateKeyExW
RegCloseKey
RegRestoreKeyW
RegQueryValueExA
RegCreateKeyW
CryptVerifySignatureW
LookupPrivilegeValueW
RegEnumKeyW
RegDeleteKeyW
CryptHashData
RegQueryValueExW
CryptCreateHash
OpenProcessToken
RegOpenKeyExW
RegOpenKeyW
RegOpenKeyExA
RegQueryValueW
CryptReleaseContext
RegQueryInfoKeyW
RegEnumKeyExW
OpenThreadToken
GetUserNameA
CryptDestroyHash
CryptAcquireContextW
CryptGetUserKey
RegDeleteValueW
RegSetValueExW
GetSaveFileNameW
GetFileTitleW
CommDlgExtendedError
SetGraphicsMode
Polygon
TextOutW
CreateFontIndirectW
GetGlyphOutlineW
CreatePen
SetMapMode
SaveDC
SetTextAlign
GetTextMetricsA
GetBkColor
CombineRgn
GetClipBox
ModifyWorldTransform
GetClipRgn
GetPixel
Rectangle
BitBlt
GetBrushOrgEx
OffsetViewportOrgEx
DeleteDC
RestoreDC
SetBkMode
GetCharacterPlacementW
SetWorldTransform
DeleteObject
GetObjectW
CreateDCW
CreateDIBSection
RealizePalette
SetTextColor
CreatePatternBrush
GetDeviceCaps
RectVisible
ExtTextOutW
GetOutlineTextMetricsA
CreateBitmap
Escape
CreatePalette
EnumFontFamiliesExW
SetViewportOrgEx
ScaleWindowExtEx
GetFontData
PtVisible
GetDIBits
ExtCreateRegion
GdiFlush
ScaleViewportExtEx
SelectClipRgn
CreateCompatibleDC
CreateFontW
SelectPalette
SetBrushOrgEx
CreateRectRgn
SelectObject
SetPolyFillMode
Ellipse
SetWindowExtEx
CreateSolidBrush
SetViewportExtEx
GetStockObject
SetPixelV
SetBkColor
GetTextExtentPoint32W
CreateCompatibleBitmap
ImmReleaseContext
ImmGetContext
GetStdHandle
GetDriveTypeW
GetConsoleOutputCP
ReleaseMutex
FileTimeToSystemTime
GetFileAttributesA
WaitForSingleObject
GetDriveTypeA
HeapDestroy
EnumUILanguagesW
GetFileAttributesW
lstrcmpW
GetLocalTime
FreeEnvironmentStringsA
CreatePipe
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
LocalAlloc
GetVolumeInformationW
SetErrorMode
GetLogicalDrives
GetFileInformationByHandle
lstrcatW
GetLocaleInfoW
SetStdHandle
GetFileTime
GetCPInfo
GetStringTypeA
InterlockedExchange
GetSystemTimeAsFileTime
GlobalMemoryStatusEx
HeapReAlloc
GetStringTypeW
SetEvent
LocalFree
FormatMessageW
GetTimeZoneInformation
LoadResource
GlobalHandle
FindClose
TlsGetValue
FormatMessageA
GetFullPathNameW
GetCurrentThread
SetLastError
GetUserDefaultUILanguage
GetSystemTime
DeviceIoControl
InitializeCriticalSection
LocalLock
FindAtomA
RemoveDirectoryW
IsDebuggerPresent
HeapAlloc
GetModuleFileNameA
GlobalFindAtomW
SetProcessWorkingSetSize
EnumResourceLanguagesW
ActivateActCtx
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
SetFilePointerEx
GetSystemPowerStatus
MoveFileW
GetModuleHandleA
SetFileAttributesW
GlobalAddAtomW
CreateThread
DeleteCriticalSection
GetExitCodeThread
CreateSemaphoreW
ConvertDefaultLocale
CreateMutexW
MulDiv
GetDateFormatA
ExitThread
SetUnhandledExceptionFilter
WriteConsoleA
SetCurrentDirectoryW
VirtualQuery
LocalFileTimeToFileTime
GetDiskFreeSpaceExW
SetEndOfFile
GetVersion
InterlockedIncrement
WriteConsoleW
AreFileApisANSI
HeapFree
EnterCriticalSection
SetHandleCount
LoadLibraryW
GetLastError
GetVersionExW
GetExitCodeProcess
QueryPerformanceCounter
GetTickCount
TlsAlloc
GetVersionExA
LoadLibraryA
RtlUnwind
FreeLibrary
CopyFileW
GetStartupInfoA
UnlockFile
GetFileSize
GlobalDeleteAtom
OpenProcess
GetPrivateProfileIntA
GetDateFormatW
GetStartupInfoW
CreateDirectoryW
DeleteFileW
GetProcAddress
GetPrivateProfileIntW
VirtualProtectEx
GetProcessHeap
GetTempFileNameW
CreateFileMappingW
CompareStringW
GetFileSizeEx
GetModuleFileNameW
FreeEnvironmentStringsW
lstrcmpA
FindNextFileW
GetTimeFormatA
GetComputerNameA
FindFirstFileW
DuplicateHandle
CreateEventW
CreateFileW
GetConsoleWindow
GlobalFindAtomA
GetFileType
TlsSetValue
CreateFileA
ExitProcess
LeaveCriticalSection
GlobalGetAtomNameW
LocalReAlloc
SystemTimeToFileTime
LCMapStringW
UnmapViewOfFile
GetSystemInfo
lstrlenA
GetConsoleCP
GetThreadLocale
GetEnvironmentStringsW
LockFile
FileTimeToLocalFileTime
GetEnvironmentStrings
GetCurrentDirectoryW
GetCurrentProcessId
LockResource
SetFileTime
GetCommandLineW
GetCurrentDirectoryA
HeapSize
GetCommandLineA
WritePrivateProfileStringW
ExpandEnvironmentStringsW
RaiseException
ReleaseSemaphore
MapViewOfFile
TlsFree
SetFilePointer
ReadFile
GlobalFlags
CloseHandle
GetACP
FreeResource
GetFileAttributesExW
SizeofResource
WideCharToMultiByte
HeapCreate
FindResourceW
VirtualFree
Sleep
VirtualAlloc
GetOEMCP
CompareStringA
VarUI4FromStr
VariantChangeType
SafeArrayGetDim
SafeArrayGetLBound
SysStringLen
SystemTimeToVariantTime
RegisterTypeLib
LoadRegTypeLib
SysAllocString
SafeArrayDestroy
SafeArrayGetUBound
VariantClear
SafeArrayGetVartype
UnRegisterTypeLib
VariantTimeToSystemTime
LoadTypeLib
SysFreeString
SafeArrayCopy
VariantInit
SafeArrayGetElement
GetModuleBaseNameW
EnumProcesses
EnumProcessModules
DragQueryFileW
SHQueryRecycleBinW
SHEmptyRecycleBinW
SHCreateDirectoryExW
DragFinish
SHGetFolderLocation
SHFileOperationW
SHGetPathFromIDListW
ExtractIconExW
SHGetDesktopFolder
Shell_NotifyIconW
SHGetMalloc
CommandLineToArgvW
SHBrowseForFolderW
PathFindFileNameW
SHCopyKeyW
PathIsUNCW
PathFindExtensionW
PathStripToRootW
PathMakeSystemFolderW
PathUnmakeSystemFolderW
InternetTimeFromSystemTimeW
HttpQueryInfoW
InternetGetLastResponseInfoW
InternetConnectW
InternetReadFile
InternetTimeToSystemTimeW
InternetSetOptionW
InternetGetConnectedState
InternetErrorDlg
InternetCloseHandle
HttpSendRequestW
InternetOpenW
HttpOpenRequestW
HttpAddRequestHeadersW
mixerGetLineControlsW
mixerGetControlDetailsW
mciGetErrorStringW
mixerOpen
mixerSetControlDetails
mciSendCommandW
mixerClose
mixerGetDevCapsW
mixerGetLineInfoW
GdipDrawImageRectRect
GdipGetFontStyle
GdipDrawRectangleI
GdipSetClipRect
GdipSaveGraphics
GdipGetGenericFontFamilySansSerif
GdipTranslateMatrix
GdipDrawImageRectRectI
GdipCreateBitmapFromScan0
GdipGetImageVerticalResolution
GdipDisposeImage
GdipImageSelectActiveFrame
GdipGetFamilyName
GdipGetFontSize
GdipGetCompositingMode
GdipGetTextRenderingHint
GdipGetCellAscent
GdipGetClipBounds
GdipSetStringFormatAlign
GdipImageGetFrameCount
GdipGetImageWidth
GdipDrawImageI
GdipStringFormatGetGenericTypographic
GdipCreateFont
GdipCloneBrush
GdipCloneStringFormat
GdipCreateLineBrushFromRectWithAngleI
GdipFree
GdipGetImageRawFormat
GdipGetImageHeight
GdipDeleteStringFormat
GdipTranslateWorldTransform
GdipSetPenDashStyle
GdipSetTextRenderingHint
GdipCreateBitmapFromHICON
GdipGetImageHorizontalResolution
GdipSetImageAttributesColorMatrix
GdipSaveImageToFile
GdipMeasureString
GdipTransformMatrixPoints
GdipSetPenBrushFill
GdipBitmapSetResolution
GdiplusStartup
GdipGetFamily
GdipFillPath
GdipCreateBitmapFromStream
GdipGetImageThumbnail
GdipGetImageEncoders
GdipFillRectangleI
GdipDisposeImageAttributes
GdipSetCompositingMode
GdipClosePathFigure
GdipCreateMatrix
GdipDrawLine
GdipRotateMatrix
GdipGetImageGraphicsContext
GdipRestoreGraphics
GdipGetImageEncodersSize
GdipBitmapLockBits
GdipClonePen
GdipGetCellDescent
GdipStringFormatGetGenericDefault
GdipDrawPath
GdipDeleteFontFamily
GdipCloneFontFamily
GdipCreatePath
GdipBitmapUnlockBits
GdipFillRectangle
GdipDeleteFont
GdipSetPixelOffsetMode
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipDrawLineI
GdipBitmapGetPixel
GdipCreateFontFamilyFromName
GdipSetStringFormatFlags
GdipDeleteBrush
GdipRotateWorldTransform
GdipInvertMatrix
GdipAddPathArcI
GdipSetMatrixElements
GdipSetClipRectI
GdipGetStringFormatFlags
GdipGetClipBoundsI
GdipGetImagePixelFormat
GdipCreateSolidFill
GdipSetSmoothingMode
GdipSetStringFormatTrimming
GdipGetEmHeight
GdipGetDC
GdipDeleteMatrix
GdipGetLineSpacing
GdipDeleteGraphics
GdipTransformPath
GdipCreateImageAttributes
GdipCreateFromHDC
GdipCreatePen1
GdipDrawRectangle
GdipAlloc
GdipDeletePath
GdipDeletePen
GdipSetInterpolationMode
GdipDrawString
GdipCloneImage
GdipReleaseDC
isdigit
_exit
_CIcos
_wtoi
CreateStreamOnHGlobal
OleLockRunning
CoRegisterClassObject
CoInitialize
OleInitialize
CoRevokeClassObject
CoLockObjectExternal
CoCreateGuid
CoTaskMemRealloc
CoCreateInstance
RegisterDragDrop
CLSIDFromProgID
RevokeDragDrop
CoUninitialize
CoCreateInstanceEx
OleSetContainedObject
CLSIDFromString
CoTaskMemFree
StringFromGUID2
CoTaskMemAlloc
SnmpUtilOidCpy
SnmpUtilOidNCmp
SnmpUtilVarBindFree
CreateURLMonikerEx
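The import table above is a flat list of function names. As an added example (editor's code, not part of the VirusTotal report and not IObit's or anyone else's product code), the script below sorts those names into capability buckets so the security-relevant subset stands out from the GDI/GDI+ drawing calls that make up most of the list. The bucket definitions are the editor's own heuristic; the list embedded in the script is a subset copied from the report above, not the complete import table.

```python
"""Capability tagging for a flat PE import list.

Added example, not part of the VirusTotal report. REPORT_IMPORTS is a
subset of the names listed in the report above (constructed from the
page, not the full table); the category definitions are the editor's
own heuristic, not a VirusTotal feature.
"""
from collections import defaultdict

REPORT_IMPORTS = [
    "CryptAcquireContextW", "CryptCreateHash", "CryptHashData",
    "CryptVerifySignatureW", "CryptGetUserKey", "CryptDestroyHash",
    "CryptDestroyKey", "CryptReleaseContext",
    "InternetOpenW", "InternetConnectW", "HttpOpenRequestW",
    "HttpAddRequestHeadersW", "HttpSendRequestW", "InternetReadFile",
    "InternetCloseHandle", "CreateURLMonikerEx",
    "OpenProcess", "EnumProcesses", "EnumProcessModules",
    "GetModuleBaseNameW", "VirtualProtectEx", "VirtualAlloc",
    "OpenProcessToken", "LookupPrivilegeValueW",
    "RegCreateKeyExW", "RegSetValueExW", "RegDeleteKeyW",
    "RegRestoreKeyW", "SHCopyKeyW",
    "DeleteFileW", "RemoveDirectoryW", "MoveFileW",
    "SHEmptyRecycleBinW", "SHFileOperationW", "SetFileAttributesW",
    "GetComputerNameA", "GetUserNameA", "GetLogicalDrives",
    "GetVolumeInformationW", "GlobalMemoryStatusEx",
    "IsDebuggerPresent", "GetProcAddress", "LoadLibraryW",
    "TextOutW", "BitBlt", "CreateFontW",   # plain GUI imports, left untagged
]

# Exact-name buckets are checked first, then prefix buckets, so the many
# Crypt*/Internet*/Http* variants need no individual listing.
EXACT = {
    "process_inspection": {"OpenProcess", "EnumProcesses", "EnumProcessModules",
                           "GetModuleBaseNameW", "VirtualProtectEx", "VirtualAlloc"},
    "token_privilege": {"OpenProcessToken", "OpenThreadToken", "LookupPrivilegeValueW"},
    "registry_write": {"RegCreateKeyExW", "RegCreateKeyW", "RegSetValueExW",
                       "RegDeleteKeyW", "RegDeleteValueW", "RegRestoreKeyW", "SHCopyKeyW"},
    "file_destructive": {"DeleteFileW", "RemoveDirectoryW", "MoveFileW",
                         "SHEmptyRecycleBinW", "SHFileOperationW", "SetFileAttributesW"},
    "host_recon": {"GetComputerNameA", "GetUserNameA", "GetLogicalDrives",
                   "GetVolumeInformationW", "GlobalMemoryStatusEx", "GetSystemInfo"},
    "anti_analysis": {"IsDebuggerPresent"},
    "dynamic_resolution": {"GetProcAddress", "LoadLibraryW", "LoadLibraryA"},
}
PREFIX = {
    "crypto": ("Crypt",),
    "network": ("Internet", "Http", "CreateURLMoniker"),
}


def tag_imports(names):
    """Map each import to at most one capability bucket.
    Returns {bucket: sorted names}; names matching no bucket are dropped."""
    tagged = defaultdict(set)
    for name in names:
        for bucket, members in EXACT.items():
            if name in members:
                tagged[bucket].add(name)
                break
        else:
            for bucket, prefixes in PREFIX.items():
                if name.startswith(prefixes):
                    tagged[bucket].add(name)
                    break
    return {bucket: sorted(members) for bucket, members in tagged.items()}


def uses_cryptoapi_encryption(names):
    """True only if the static import table carries CryptoAPI encryption or
    key-generation entry points. The report's Crypt* imports are hashing and
    signature verification, so this is False for it; an encryptor can still
    resolve these at runtime through GetProcAddress, which is imported."""
    return bool({"CryptEncrypt", "CryptDecrypt", "CryptGenKey", "CryptImportKey"} & set(names))


if __name__ == "__main__":
    for bucket, members in tag_imports(REPORT_IMPORTS).items():
        print(f"{bucket:20s} {len(members):2d}  {', '.join(members)}")
    print("CryptoAPI encryption in import table:", uses_cryptoapi_encryption(REPORT_IMPORTS))
```

The point of the second function is the caveat: two engines label this sample ransomware, but the eight CryptoAPI imports in the table (CryptAcquireContextW, CryptCreateHash, CryptHashData, CryptVerifySignatureW, CryptGetUserKey, CryptDestroyHash, CryptDestroyKey, CryptReleaseContext) are hashing and signature verification; no CryptEncrypt, CryptDecrypt, CryptGenKey or CryptImportKey appears. Any file encryption would have to be resolved dynamically or implemented inline, which the import table alone cannot settle. The combination of OpenProcess, EnumProcesses, EnumProcessModules and VirtualProtectEx (changing page protections in another process) is the import worth chasing in a sandbox run.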
PE exports
Number of PE resources by type
RT_ICON 6
RT_GROUP_ICON 2
RT_VERSION 1
RT_RCDATA 1
Number of PE resources by language
ENGLISH US 10
PE resources
Debug information
ExifTool file metadata
LegalTrademarks: IObit
SubsystemVersion: 5.1
Comments: Driver Booster Backup
LinkerVersion: 3.0
ImageVersion: 0.0
FileSubtype: 0
FileVersionNumber: 3.0.2.0
LanguageCode: English (U.S.)
FileFlagsMask: 0x0000
FileDescription: Driver Booster Backup
CharacterSet: Windows, Latin1
InitializedDataSize: 257536
EntryPoint: 0x599d
OriginalFileName: Backup.exe
MIMEType: application/octet-stream
LegalCopyright: Copyright 2015 IObit. All Rights Reserved.
FileVersion: 3.0.2.0
TimeStamp: 2016:09:01 06:44:21+01:00
FileType: Win32 DLL
PEType: PE32
InternalName: Backup
ProductVersion: 3.0.2.0
UninitializedDataSize: 0
OSVersion: 5.1
FileOS: Win32
Subsystem: Windows GUI
MachineType: Intel 386 or later, and compatibles
CompanyName: IObit
CodeSize: 40960
ProductName: Driver Booster
ProductVersionNumber: 3.0.2.0
FileTypeExtension: dll
ObjectFileType: Executable application
File identification
MD5: b77d1fdc3b51e3c78d9c23117206c901
SHA1: 187834907e23beb40386c63744adeeca2f60928a
SHA256: 03f50d6804c2a86fbdef01e95913694546c5a594139418c8763c192ef1dabd6e
ssdeep: 3072:0/3+waBFKajDMy47NHjwfsbmHBFZQFh70DoeJf+sDTwc+iUpC1xf:0H/m+T0tJ+MkcnSy
authentihash: 7de78d6baff97b2666c95db338e5dd24a67c229dfea47d128cfaaa086b176362
imphash: 4641b6cf5cd961b3eac157eb9e0c7655
File size: 156.5 KB ( 160256 bytes )
File type: Win32 DLL
Magic literal: PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit
TrID: Win32 Executable MS Visual C++ (generic) (42.2%)
      Win64 Executable (generic) (37.3%)
      Win32 Dynamic Link Library (generic) (8.8%)
      Win32 Executable (generic) (6.0%)
      Generic Win/DOS Executable (2.7%)
Tags: pedll
VirusTotal metadata
First submission: 2016-09-01 08:55:53 UTC ( 1 year, 2 months ago )
Last submission: 2016-09-01 08:55:57 UTC ( 1 year, 2 months ago )
File names: Backup.exe, malware2.dll, Backup, HFbf4oNj.dll
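Several fields in this report only become meaningful when read against each other: the version resource names an .exe while the file is a DLL, the copyright year is 2015 while the build is from 2016, the compile timestamp sits a few hours before the first submission, and the detection ratio is low but non-zero. As an added example (editor's code, not part of the VirusTotal report and not IObit's product), the script below encodes those cross-checks as triage heuristics over the values copied from the report above; the thresholds and wording are the editor's own.

```python
"""Consistency checks over the static fields of a VirusTotal report.

Added example, not part of the report and not VirusTotal or IObit code.
REPORT is copied from the fields shown above; the checks and their
thresholds are the editor's own triage heuristics.
"""
import re
from datetime import datetime, timezone

REPORT = {
    "file_type": "Win32 DLL",                     # File type / Magic literal
    "original_filename": "Backup.exe",            # FileVersionInfo: Original name
    "legal_copyright": "Copyright 2015 IObit. All Rights Reserved.",
    "compile_timestamp": "2016-09-01 05:44:21",   # PE header, shown in UTC
    "first_submission": "2016-09-01 08:55:53",    # VirusTotal metadata, UTC
    "detections": 11,
    "engines": 57,
}


def parse_utc(text):
    """Parse 'YYYY-MM-DD HH:MM:SS' as a timezone-aware UTC datetime."""
    return datetime.strptime(text, "%Y-%m-%d %H:%M:%S").replace(tzinfo=timezone.utc)


def compile_to_first_seen_seconds(report):
    """Seconds from the PE compile timestamp to the first VT submission.
    A few hours means the binary was uploaded fresh; a negative value
    means the timestamp is forged or the build clock was wrong."""
    delta = parse_utc(report["first_submission"]) - parse_utc(report["compile_timestamp"])
    return int(delta.total_seconds())


def version_info_findings(report):
    """Return human-readable findings; an empty list means nothing odd."""
    findings = []

    # A version resource naming an .exe on a DLL suggests the resource was
    # lifted from another binary to look legitimate.
    ext = report["original_filename"].rsplit(".", 1)[-1].lower()
    if "DLL" in report["file_type"].upper() and ext == "exe":
        findings.append("OriginalFilename ends in .exe but the file is a DLL: "
                        "version resource probably copied from another binary")

    # A copyright year older than the build year is common for genuine
    # software too, so this is only a weak corroborating signal.
    years = [int(y) for y in re.findall(r"\b(19\d\d|20\d\d)\b", report["legal_copyright"])]
    compile_year = parse_utc(report["compile_timestamp"]).year
    if years and max(years) < compile_year:
        findings.append(f"copyright year {max(years)} predates compile year "
                        f"{compile_year} (weak signal on its own)")

    delta = compile_to_first_seen_seconds(report)
    if delta < 0:
        findings.append("compile timestamp is later than first submission: "
                        "timestamp forged or build clock skewed")
    elif delta < 24 * 3600:
        findings.append(f"compiled {delta // 3600}h{(delta % 3600) // 60:02d}m "
                        "before first submission: fresh sample")

    # Low but non-zero detection at first sight usually means heuristic-only
    # coverage; it is not evidence that the file is clean.
    ratio = report["detections"] / report["engines"]
    if 0 < ratio < 0.25:
        findings.append(f"low detection ratio {report['detections']}/{report['engines']}: "
                        "early or heuristic-only coverage, do not treat as clean")
    return findings


if __name__ == "__main__":
    print("compile -> first seen:", compile_to_first_seen_seconds(REPORT), "seconds")
    for line in version_info_findings(REPORT):
        print("-", line)
```

For the values on this page the script reports a 3h11m gap between build and upload and four findings in total. None of them is proof of malice by itself; together with the import profile they are the reason to run the sample rather than trust the IObit branding in its version resource.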