SHA256: 8ccdf5e1e5a1fdeee1c64d57b1ed108ad115bfee725e1ac5bf6d2a73c2463eb2
File name: gSvwB8EjL.dll
Detection ratio: 6 / 56
Analysis date: 2016-11-23 10:15:20 UTC ( 8 months, 4 weeks ago )
Antivirus Result Update
Bkav HW32.Packed.7292 20161123
CrowdStrike Falcon (ML) malicious_confidence_83% (D) 20161024
Sophos ML backdoor.win32.zegost.ad 20161018
Qihoo-360 HEUR/QVM39.1.0000.Malware.Gen 20161123
Rising Malware.Generic!glWY3GR55jR@2 (thunder) 20161123
Tencent Win32.Trojan.Raasj.Auto 20161123
Ad-Aware 20161123
AegisLab 20161123
AhnLab-V3 20161123
Alibaba 20161123
ALYac 20161123
Antiy-AVL 20161123
Arcabit 20161123
Avast 20161123
AVG 20161123
Avira (no cloud) 20161123
AVware 20161123
Baidu 20161123
BitDefender 20161123
CAT-QuickHeal 20161123
ClamAV 20161123
CMC 20161123
Comodo 20161122
Cyren 20161123
DrWeb 20161123
Emsisoft 20161123
ESET-NOD32 20161123
F-Prot 20161123
F-Secure 20161123
Fortinet 20161123
GData 20161123
Ikarus 20161123
Jiangmin 20161123
K7AntiVirus 20161123
K7GW 20161123
Kaspersky 20161123
Kingsoft 20161123
Malwarebytes 20161123
McAfee 20161123
McAfee-GW-Edition 20161123
Microsoft 20161123
eScan 20161123
NANO-Antivirus 20161123
nProtect 20161123
Panda 20161122
Sophos AV 20161123
SUPERAntiSpyware 20161123
Symantec 20161123
TheHacker 20161122
TrendMicro 20161123
TrendMicro-HouseCall 20161123
Trustlook 20161123
VBA32 20161122
VIPRE 20161123
ViRobot 20161123
Yandex 20161122
Zillya 20161122
Zoner 20161123
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright © 2008-2015 Auslogics Labs Pty Ltd
Product Shared Library
Original name ActionCenterHelper.dll
Internal name action-center-library
File version 2.0.0.0
Description Action Center Library
Comments Part of Auslogics Programs
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-11-23 07:08:44
Entry Point 0x00011BFE
Number of sections 5
PE sections
Overlays
MD5 57d7f73dfb26e69b468d823cfeb7a315
File type data
Offset 131584
Size 13422
Entropy 7.99
PE imports
ExitThread
InitializeCriticalSection
HeapFree
GetStdHandle
GetDriveTypeW
LCMapStringW
SetHandleCount
GetSystemInfo
GetLastError
WaitForSingleObject
GetOEMCP
LCMapStringA
HeapDestroy
HeapAlloc
IsBadWritePtr
TlsAlloc
GetEnvironmentStringsW
GetVersionExA
LoadLibraryA
RtlUnwind
GetModuleFileNameA
FreeLibrary
FreeEnvironmentStringsA
DeleteCriticalSection
GetStartupInfoA
EnterCriticalSection
GetEnvironmentStrings
GetCurrentProcessId
ReleaseSemaphore
DeleteFileA
WideCharToMultiByte
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
HeapSize
FreeEnvironmentStringsW
GetCPInfo
GetCommandLineA
GetProcAddress
TlsFree
GetFileType
ExitProcess
GetTempPathA
RaiseException
CreateSemaphoreA
CreateThread
GetStringTypeA
GetModuleHandleA
ReadFile
GetCurrentThreadId
InterlockedExchange
SetUnhandledExceptionFilter
WriteFile
GetCurrentProcess
CloseHandle
GetTempFileNameA
GetACP
HeapReAlloc
GetStringTypeW
WaitForMultipleObjects
SetFileAttributesA
SetEvent
TerminateProcess
GetEnvironmentVariableA
QueryPerformanceCounter
ResetEvent
IsBadCodePtr
HeapCreate
VirtualFree
CreateEventA
TlsGetValue
IsBadReadPtr
TlsSetValue
CreateFileA
GetTickCount
GetVersion
InterlockedIncrement
VirtualAlloc
LocalAlloc
SetLastError
LeaveCriticalSection
SendMessageA
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
CodeSize 111616
SubsystemVersion 5.0
Comments Part of Auslogics Programs
InitializedDataSize 60416
ImageVersion 0.0
ProductName Shared Library
FileVersionNumber 2.0.0.0
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x0000
CharacterSet Windows, Latin1
LinkerVersion 2.0
FileTypeExtension dll
OriginalFileName ActionCenterHelper.dll
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 2.0.0.0
TimeStamp 2016:11:23 08:08:44+01:00
FileType Win32 DLL
PEType PE32
InternalName action-center-library
ProductVersion 2.x
FileDescription Action Center Library
OSVersion 5.0
FileOS Windows NT 32-bit
LegalCopyright Copyright 2008-2015 Auslogics Labs Pty Ltd
MachineType Intel 386 or later, and compatibles
CompanyName Auslogics
LegalTrademarks Copyright 2008-2015 Auslogics Labs Pty Ltd
FileSubtype 0
ProductVersionNumber 2.0.0.0
EntryPoint 0x11bfe
ObjectFileType Dynamic link library

Compressed bundles
File identification
MD5 def0d0070d4aed411b84ebd713fd8b92
SHA1 f692b77bea71dbc1b050676482d97c2ad0ac7118
SHA256 8ccdf5e1e5a1fdeee1c64d57b1ed108ad115bfee725e1ac5bf6d2a73c2463eb2
ssdeep 3072:SCujRE6TYH/15JJDfG1DQrGHT48mtoPXf3:/ujRE6Uf1ZDG6/oPP3
authentihash db851132b8dcb661498b4ca017eabddef561541e530797ba6636c891ac08a81a
imphash 2e91ea18ea68e6011f871a9e8402f173
File size 141.6 KB ( 145006 bytes )
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (67.4%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags pedll overlay

VirusTotal metadata
First submission 2016-11-23 10:15:20 UTC ( 8 months, 4 weeks ago )
Last submission 2017-08-04 05:43:15 UTC ( 2 weeks, 2 days ago )
File names gSvwB8EjL.dll
ActionCenterHelper.dll
action-center-library