SHA256: d461e3801e5c2efe54d202e23d55a3c58a97996c3af59dbefb988a677feb66aa
File name: systeminfo64.dll
Detection ratio: 1 / 56
Analysis date: 2016-10-25 00:41:11 UTC ( 1 year ago )
Antivirus Result Update
DrWeb Trojan.Dyre.722 20161024
Ad-Aware 20161025
AegisLab 20161024
AhnLab-V3 20161024
Alibaba 20161024
ALYac 20161025
Antiy-AVL 20161025
Arcabit 20161025
Avast 20161025
AVG 20161024
Avira (no cloud) 20161025
AVware 20161025
Baidu 20161024
BitDefender 20161025
Bkav 20161024
CAT-QuickHeal 20161024
ClamAV 20161024
CMC 20161024
Comodo 20161024
CrowdStrike Falcon (ML) 20160725
Cyren 20161024
Emsisoft 20161024
ESET-NOD32 20161025
F-Prot 20161024
F-Secure 20161024
Fortinet 20161024
GData 20161024
Ikarus 20161024
Sophos ML 20161018
Jiangmin 20161024
K7AntiVirus 20161024
K7GW 20161024
Kaspersky 20161024
Kingsoft 20161025
Malwarebytes 20161024
McAfee 20161024
McAfee-GW-Edition 20161024
Microsoft 20161024
eScan 20161025
NANO-Antivirus 20161024
nProtect 20161024
Panda 20161024
Qihoo-360 20161025
Rising 20161024
Sophos AV 20161024
SUPERAntiSpyware 20161024
Symantec 20161025
Tencent 20161025
TheHacker 20161022
TrendMicro 20161025
TrendMicro-HouseCall 20161025
VBA32 20161024
VIPRE 20161025
ViRobot 20161025
Yandex 20161024
Zillya 20161024
Zoner 20161024
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem that targets 64bit architectures.
PE header basic information
Target machine x64
Compilation timestamp 2016-08-16 16:39:59
Entry Point 0x000037F4
Number of sections 5
PE sections
Overlays
MD5 b266ac1addf0205e87bff21cbfd2bec5
File type data
Offset 22016
Size 136
Entropy 6.05
PE imports
RegQueryInfoKeyW
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExW
GetLastError
HeapFree
lstrlenA
lstrcmpiA
GetVersionExW
QueryPerformanceCounter
HeapAlloc
lstrlenW
GetCurrentProcess
GetCurrentProcessId
RtlVirtualUnwind
UnhandledExceptionFilter
MultiByteToWideChar
GetProcAddress
GetProcessHeap
WideCharToMultiByte
SetUnhandledExceptionFilter
RtlLookupFunctionEntry
RtlCaptureContext
GetSystemTimeAsFileTime
HeapReAlloc
GetModuleHandleW
LocalFree
TerminateProcess
Sleep
GetTickCount
GetCurrentThreadId
NetUserEnum
NetApiBufferFree
VariantChangeType
SysFreeString
SysStringLen
VariantClear
SysAllocString
StrFormatByteSizeW
_amsg_exit
??3@YAXPEAX@Z
_CxxThrowException
__C_specific_handler
_unlock
_lock
??1type_info@@UEAA@XZ
malloc
_onexit
??2@YAPEAX_K@Z
__dllonexit
free
_initterm
_vsnwprintf
_XcptFilter
CoInitializeEx
CoCreateInstance
CoUninitialize
CoSetProxyBlanket
CoInitializeSecurity
PE exports
Debug information
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType AMD AMD64
FileTypeExtension dll
TimeStamp 2016:08:16 17:39:59+01:00
FileType Win64 DLL
PEType PE32+
CodeSize 13312
LinkerVersion 10.0
EntryPoint 0x37f4
InitializedDataSize 9216
SubsystemVersion 5.2
ImageVersion 0.0
OSVersion 5.2
UninitializedDataSize 0

File identification
MD5 c5a0a3dba3c3046e446bd940c20b6092
SHA1 b8f26fd246e095ee3dcf3e92172d0b7be1bbfd28
SHA256 d461e3801e5c2efe54d202e23d55a3c58a97996c3af59dbefb988a677feb66aa
ssdeep 192:MSM4ztfNwB7Q4hgX6eBwdxB2vA3SLRDMIvsYUbnZmYqC0pQKgAb4szBPXGUBIlat:7ztmCKIwBZwJJw0YqzDEgia2RgO/Mrr

authentihash a970fa24e39ac2ee4f687dffcdb7cf898854db0c6b3b6c9d326e2e516d57cf7b
imphash 95d8cb8301ded546112811bb40f3a8cc
File size 21.6 KB ( 22152 bytes )
File type Win32 DLL
Magic literal PE32+ executable for MS Windows (DLL) (GUI) Mono/.Net assembly

TrID Win64 Executable (generic) (87.3%)
Generic Win/DOS Executable (6.3%)
DOS Executable Generic (6.3%)
Tags 64bits assembly pedll overlay

VirusTotal metadata
First submission 2016-10-25 00:41:11 UTC ( 1 year ago )
Last submission 2016-10-25 00:41:11 UTC ( 1 year ago )
File names systeminfo64.dll