× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: c7da870ad431d2bac13b40963ee5e7fec8fbc7ca7bc2b40308374ba5149e3651
File name: libeay32.dll
Detection ratio: 0 / 67
Analysis date: 2017-11-16 02:14:43 UTC ( 2 months ago )
Antivirus Result Update
Ad-Aware 20171116
AegisLab 20171116
AhnLab-V3 20171115
Alibaba 20170911
ALYac 20171116
Antiy-AVL 20171116
Arcabit 20171116
Avast 20171116
Avast-Mobile 20171115
AVG 20171116
Avira (no cloud) 20171115
AVware 20171116
Baidu 20171116
BitDefender 20171116
Bkav 20171115
CAT-QuickHeal 20171115
ClamAV 20171115
CMC 20171109
Comodo 20171116
CrowdStrike Falcon (ML) 20171016
Cybereason 20171103
Cylance 20171116
Cyren 20171116
DrWeb 20171116
eGambit 20171116
Emsisoft 20171116
Endgame 20171024
ESET-NOD32 20171116
F-Prot 20171116
F-Secure 20171116
Fortinet 20171116
GData 20171116
Ikarus 20171115
Sophos ML 20170914
Jiangmin 20171115
K7AntiVirus 20171115
K7GW 20171116
Kaspersky 20171116
Kingsoft 20171116
Malwarebytes 20171116
MAX 20171116
McAfee 20171116
McAfee-GW-Edition 20171116
Microsoft 20171116
eScan 20171116
NANO-Antivirus 20171116
nProtect 20171116
Palo Alto Networks (Known Signatures) 20171116
Panda 20171115
Qihoo-360 20171116
Rising 20171116
SentinelOne (Static ML) 20171113
Sophos AV 20171116
SUPERAntiSpyware 20171116
Symantec 20171115
Symantec Mobile Insight 20171116
Tencent 20171116
TheHacker 20171112
TotalDefense 20171115
TrendMicro 20171116
TrendMicro-HouseCall 20171116
Trustlook 20171116
VBA32 20171115
VIPRE 20171116
ViRobot 20171116
Webroot 20171116
WhiteArmor 20171104
Yandex 20171116
Zillya 20171115
ZoneAlarm by Check Point 20171116
Zoner 20171116
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows command line subsystem.
FileVersionInfo properties
Copyright
Copyright © 1998-2006 The OpenSSL Project. Copyright © 1995-1998 Eric A. Young, Tim J. Hudson. All rights reserved.

Product The OpenSSL Toolkit
Original name libeay32.dll
Internal name libeay32
File version 1.0.0k
Description OpenSSL shared library
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-02-08 20:37:29
Entry Point 0x00001058
Number of sections 11
PE sections
PE imports
DeregisterEventSource
RegisterEventSourceA
ReportEventA
GetDeviceCaps
CreateDCA
DeleteDC
GetBitmapBits
SelectObject
BitBlt
CreateCompatibleDC
DeleteObject
CreateCompatibleBitmap
GetObjectA
GetLastError
GetStdHandle
EnterCriticalSection
FreeLibrary
QueryPerformanceCounter
ExitProcess
VirtualProtect
GetVersionExA
LoadLibraryA
DeleteCriticalSection
GetCurrentProcessId
MultiByteToWideChar
GetProcAddress
GetModuleHandleA
FindFirstFileA
CloseHandle
FindNextFileA
GetCurrentThreadId
GlobalMemoryStatus
InitializeCriticalSection
VirtualQuery
FindClose
TlsGetValue
GetFileType
GetTickCount
GetVersion
SetLastError
LeaveCriticalSection
GetDesktopWindow
GetProcessWindowStation
GetUserObjectInformationW
MessageBoxA
htonl
accept
ioctlsocket
WSAStartup
connect
shutdown
htons
WSAGetLastError
getsockopt
closesocket
ntohl
send
ntohs
listen
WSACleanup
gethostbyname
WSASetLastError
recv
setsockopt
socket
bind
recvfrom
sendto
getservbyname
strncmp
malloc
sscanf
realloc
fread
fclose
strcat
__dllonexit
_stricmp
fgets
abort
_setmode
strtoul
printf
_chmod
fflush
fopen
strlen
strncpy
tolower
strchr
fputc
_fdopen
_errno
fwrite
fseek
qsort
_open
fputs
ftell
_snprintf
sprintf
memcmp
exit
localtime
strtol
time
_isctype
strrchr
_pctype
gmtime
free
getenv
wcsstr
atoi
vfprintf
_wfopen
calloc
_write
_getch
raise
_stat
_vsnprintf
perror
memmove
setvbuf
_read
strerror
strcmp
strcpy
memchr
__mb_cur_max
_strnicmp
fprintf
_exit
signal
_ftime
_iob
PE exports
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
ExifTool file metadata
SubsystemVersion
4.0

InitializedDataSize
1703424

ImageVersion
1.0

ProductName
The OpenSSL Toolkit

FileVersionNumber
1.0.0.11

UninitializedDataSize
11776

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Unicode

LinkerVersion
2.22

FileTypeExtension
dll

OriginalFileName
libeay32.dll

MIMEType
application/octet-stream

Subsystem
Windows command line

FileVersion
1.0.0k

TimeStamp
2013:02:08 21:37:29+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
libeay32

ProductVersion
1.0.0k

FileDescription
OpenSSL shared library

OSVersion
4.0

FileOS
Win32

LegalCopyright
Copyright 1998-2006 The OpenSSL Project. Copyright 1995-1998 Eric A. Young, Tim J. Hudson. All rights reserved.

MachineType
Intel 386 or later, and compatibles

CompanyName
The OpenSSL Project, http://www.openssl.org/

CodeSize
1098240

FileSubtype
0

ProductVersionNumber
1.0.0.11

EntryPoint
0x1058

ObjectFileType
Dynamic link library

CarbonBlack CarbonBlack acts as a surveillance camera for computers
Execution parents
PE resource-wise parents
Compressed bundles
File identification
MD5 a9f8f35cc2caf8dba7167b91420a680b
SHA1 6fd1de054c228e7d1a515b08377a4b4993e79c4b
SHA256 c7da870ad431d2bac13b40963ee5e7fec8fbc7ca7bc2b40308374ba5149e3651
ssdeep
49152:kwqSuGMVeZlrWohOGxzF9g4ojLis+x/FJuV2JI:rqSuGMVeZlrWohOGR9oPiRvJ

authentihash d3725fb924aa0cf277c9f57d601edb065b7803e994a0130c43d5ec579238f526
imphash 32323da9e3f4928cdcb316e2581c8f7b
File size 1.6 MB ( 1704448 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (console) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.1%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags
pedll via-tor

VirusTotal metadata
First submission 2013-02-11 16:04:51 UTC ( 4 years, 11 months ago )
Last submission 2017-10-26 06:16:13 UTC ( 2 months, 3 weeks ago )
File names LIBEAY32.DLL
sbs_ve_ambr_20150118143307.435_ 53
45
sbs_ve_ambr_20150316173856.477_ 304
fil41A8FD062FC175887A14385F379E07A3
sbs_ve_ambr_20150222001929.226_ 156
libeay32.dll123_
_98EB990669CD4718BE71FD2C45FBBDD9
vti-rescan
imm-flt-63053
10936539
libf66b.tmp
sbs_ve_ambr_20150114183810.295_ 154
imm-flt-63113
149964674_LIBEAY32.DLL
sbs_ve_ambr_20150307180404.067_ 306
libeay32.dll
libeay32.dll
sbs_ve_ambr_20150301072614.196_ 989
sbs_ve_ambr_20150117154257.404_ 186
sbs_ve_ambr_20150114183817.126_ 301
108
47
is-ugu3m.tmp
sbs_ve_ambr_20150121153708.719_ 1053102
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!