SHA256: 79d4121c1286129c193dce22c23fae9e44b6f06bc53ebe566345db044d9c6bc6
File name: 4Xg1KlEcvEX4.dll.2300120746.DROPPED
Detection ratio: 9 / 56
Analysis date: 2016-11-08 14:06:29 UTC ( 9 months, 2 weeks ago )
Antivirus Result Update
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9994 20161107
Bkav W32.eHeur.Malware09 20161108
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20161024
Sophos ML ransom.win32.cerber.a 20161018
Kaspersky HEUR:Trojan.Win32.Generic 20161108
Qihoo-360 HEUR/QVM39.1.0000.Malware.Gen 20161108
Rising Malware.Generic!glWY3GR55jR@2 (thunder) 20161108
Symantec Heur.AdvML.B 20161108
Tencent Win32.Trojan.Raas.Auto 20161108
Ad-Aware 20161108
AegisLab 20161108
AhnLab-V3 20161108
Alibaba 20161108
ALYac 20161108
Antiy-AVL 20161108
Arcabit 20161108
Avast 20161108
AVG 20161108
Avira (no cloud) 20161108
AVware 20161108
BitDefender 20161108
CAT-QuickHeal 20161108
ClamAV 20161108
CMC 20161108
Comodo 20161108
Cyren 20161108
DrWeb 20161108
Emsisoft 20161108
ESET-NOD32 20161108
F-Prot 20161108
F-Secure 20161108
Fortinet 20161108
GData 20161108
Ikarus 20161108
Jiangmin 20161108
K7AntiVirus 20161108
K7GW 20161108
Kingsoft 20161108
Malwarebytes 20161108
McAfee 20161108
McAfee-GW-Edition 20161108
Microsoft 20161108
eScan 20161108
NANO-Antivirus 20161108
nProtect 20161108
Panda 20161107
Sophos AV 20161108
SUPERAntiSpyware 20161108
TheHacker 20161106
TrendMicro 20161108
TrendMicro-HouseCall 20161108
VBA32 20161108
VIPRE 20161108
ViRobot 20161108
Yandex 20161107
Zillya 20161108
Zoner 20161108
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright 2007

Product Bullzip PDF Printer
Original name config.exe
Internal name config
File version 3.00.0029
Description Command line configuraion program
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-11-08 09:12:09
Entry Point 0x0001678A
Number of sections 5
PE sections
PE imports
RegOpenKeyW
AbortPath
BeginPath
AnimatePalette
AngleArc
GlobalAddAtomA
GetACP
CloseHandle
GetDriveTypeW
GetCurrentProcessId
OleCreateFontIndirect
VariantTimeToSystemTime
SysStringLen
SystemTimeToVariantTime
VarBstrFromDate
SysAllocStringLen
VariantChangeType
VariantClear
SysAllocString
SafeArrayDestroy
VariantCopy
SysFreeString
VariantInit
SetFocus
GetMessagePos
SetWindowRgn
RedrawWindow
SetMenuItemBitmaps
LoadBitmapW
SetRectEmpty
EnableScrollBar
DestroyMenu
PostQuitMessage
GetForegroundWindow
DrawStateW
SetWindowPos
GetNextDlgTabItem
IsWindow
GrayStringW
ClientToScreen
WindowFromPoint
DrawIcon
GetMessageTime
SetMenuItemInfoW
SetActiveWindow
GetDC
GetCursorPos
MapDialogRect
GetDlgCtrlID
GetMenu
SendMessageA
UnregisterClassW
GetClassInfoW
GetMenuItemInfoW
DefWindowProcW
DrawTextW
SetScrollPos
CallNextHookEx
IsClipboardFormatAvailable
LoadImageW
TrackPopupMenu
GetTopWindow
CopyAcceleratorTableW
MapVirtualKeyExW
LockWindowUpdate
GetWindowTextLengthW
LoadAcceleratorsW
GetActiveWindow
InvalidateRgn
CopyImage
PtInRect
DrawEdge
GetParent
UpdateWindow
GetPropW
EqualRect
SetClassLongW
ShowScrollBar
GetMenuState
GetWindowTextW
GetMessageW
ShowWindow
DrawFrameControl
GetNextDlgGroupItem
SetPropW
EnumDisplayMonitors
PeekMessageW
TranslateMDISysAccel
InsertMenuItemW
SetWindowPlacement
MapVirtualKeyW
CharUpperW
LoadIconW
GetMenuCheckMarkDimensions
TranslateMessage
IsWindowEnabled
GetWindow
GetMenuDefaultItem
RegisterClassW
GetIconInfo
SetParent
SetClipboardData
ScrollWindow
CharLowerA
IsZoomed
GetWindowPlacement
DestroyWindow
DrawMenuBar
IsCharLowerW
GetClientRect
InvertRect
DrawFocusRect
CreateMenu
GetKeyboardLayout
EnableWindow
MonitorFromPoint
CreateAcceleratorTableW
DeferWindowPos
RealChildWindowFromPoint
CreateWindowExW
TabbedTextOutW
GetWindowLongW
GetUpdateRect
OpenClipboard
IsChild
MapWindowPoints
RegisterWindowMessageW
GetMonitorInfoW
IsIconic
EmptyClipboard
BeginPaint
OffsetRect
DefMDIChildProcW
GetScrollPos
CopyIcon
KillTimer
TrackMouseEvent
GetComboBoxInfo
GetClassInfoExW
ToUnicodeEx
SendDlgItemMessageA
GetSystemMetrics
SetWindowLongW
SetScrollRange
GetWindowRect
InflateRect
SetMenuDefaultItem
SetCapture
ReleaseCapture
IntersectRect
ShowOwnedPopups
PostMessageW
GetKeyNameTextW
GetScrollInfo
DrawTextExW
WaitMessage
CreatePopupMenu
CheckMenuItem
GetSubMenu
GetClassLongW
GetLastActivePopup
DrawIconEx
CharUpperBuffW
SetWindowTextW
SetTimer
GetDlgItem
RemovePropW
SetWindowContextHelpId
BringWindowToTop
ScreenToClient
GetKeyboardState
PostThreadMessageW
GetMenuItemCount
DestroyAcceleratorTable
CheckDlgButton
GetDesktopWindow
IsDialogMessageW
LoadCursorW
GetSystemMenu
ReuseDDElParam
GetMenuItemID
InsertMenuW
FillRect
SetForegroundWindow
NotifyWinEvent
GetMenuStringW
GetAsyncKeyState
EndPaint
CreateDialogIndirectParamW
ReleaseDC
GetScrollRange
SetLayeredWindowAttributes
EndDialog
HideCaret
CopyRect
GetCapture
MessageBeep
LoadMenuW
RemoveMenu
GetWindowThreadProcessId
GetSysColorBrush
BeginDeferWindowPos
MessageBoxW
SendMessageW
DestroyIcon
SetMenu
MoveWindow
AppendMenuW
GetWindowDC
DestroyCursor
AdjustWindowRectEx
GetSysColor
DispatchMessageW
RegisterClipboardFormatW
SetScrollInfo
GetKeyState
EndDeferWindowPos
GetWindowRgn
UpdateLayeredWindow
GetDoubleClickTime
EnableMenuItem
DefFrameProcW
IsWindowVisible
WinHelpW
SubtractRect
UnpackDDElParam
SetCursorPos
SystemParametersInfoW
UnionRect
MonitorFromWindow
FrameRect
SetRect
DeleteMenu
InvalidateRect
CharNextW
CallWindowProcW
GetClassNameW
ModifyMenuW
SetWindowsHookExW
ValidateRect
IsRectEmpty
IsMenu
GetFocus
wsprintfW
CloseClipboard
SetCursor
UnhookWindowsHookEx
TranslateAcceleratorW
IsAppThemed
GetThemeSysColor
GetThemeColor
GetCurrentThemeName
DrawThemeText
OpenThemeData
DrawThemeParentBackground
CloseThemeData
DrawThemeBackground
GetWindowTheme
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
PlaySoundA
ClosePrinter
_except_handler3
exit
Number of PE resources by type
RT_BITMAP 2
RT_VERSION 1
Number of PE resources by language
ENGLISH US 3
PE resources
ExifTool file metadata
SubsystemVersion
5.0

LinkerVersion
2.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
3.0.0.29

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

CharacterSet
Unicode

InitializedDataSize
62464

EntryPoint
0x1678a

OriginalFileName
config.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright 2007

FileVersion
3.00.0029

TimeStamp
2016:11:08 10:12:09+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
config

ProductVersion
3.00.0029

FileDescription
Command line configuraion program

OSVersion
5.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Bullzip

CodeSize
89088

ProductName
Bullzip PDF Printer

ProductVersionNumber
3.0.0.29

FileTypeExtension
dll

ObjectFileType
Executable application

File identification
MD5 75e6faf192d00b296d89df2cd56c454a
SHA1 bbd3b915e8a675cfe1d5d2cb358937909a0f7cdc
SHA256 79d4121c1286129c193dce22c23fae9e44b6f06bc53ebe566345db044d9c6bc6
ssdeep
3072:H9HL/WxRV3qkKHwHqflt/3giUm5nZh2law6:pWjV3qkrHqfvYiUmclx

authentihash b5ce3c79a66ff7e5559c371e7fa6bbd6ac712869547d55c7513cb087830d65d5
imphash d5a41ec24b1db272de205dcd10316e7d
File size 145.0 KB ( 148480 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Tags
pedll

VirusTotal metadata
First submission 2016-11-08 14:01:38 UTC ( 9 months, 2 weeks ago )
Last submission 2016-11-09 01:05:54 UTC ( 9 months, 2 weeks ago )
File names 4Xg1KlEcvEX4.dll
output.102735928.txt
6sbdh
config.exe
4Xg1KlEcvEX4.dll.2300120746.DROPPED
config