SHA256: ea216cede2a1eff5d76a2f8258d4a89d822f45c3951c5a4734c16ce163153a8f
File name: injlib-client.dll
Detection ratio: 10 / 64
Analysis date: 2017-08-09 19:33:42 UTC ( 3 months, 1 week ago )
Antivirus Result Update
Antiy-AVL Trojan/Win32.SGeneric 20170809
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20170804
Cylance Unsafe 20170809
DrWeb Trojan.PWS.Kronos.1 20170809
Endgame malicious (moderate confidence) 20170721
ESET-NOD32 Win32/Agent.QMH 20170809
NANO-Antivirus Trojan.Win32.Agent.ddnvsr 20170809
Qihoo-360 HEUR/QVM40.1.0D88.Malware.Gen 20170809
Rising Malware.Generic.2!tfe (thunder:pfZ29NmyYNI) 20170809
Symantec ML.Attribute.HighConfidence 20170809
Ad-Aware 20170809
AegisLab 20170809
AhnLab-V3 20170809
Alibaba 20170809
ALYac 20170809
Arcabit 20170809
Avast 20170809
AVG 20170809
Avira (no cloud) 20170809
AVware 20170809
Baidu 20170809
BitDefender 20170809
Bkav 20170809
CAT-QuickHeal 20170809
ClamAV 20170809
CMC 20170809
Comodo 20170809
Cyren 20170809
Emsisoft 20170809
F-Prot 20170809
F-Secure 20170809
Fortinet 20170809
GData 20170809
Ikarus 20170809
Sophos ML 20170607
Jiangmin 20170809
K7AntiVirus 20170809
K7GW 20170809
Kaspersky 20170809
Kingsoft 20170809
Malwarebytes 20170809
MAX 20170809
McAfee 20170809
McAfee-GW-Edition 20170809
Microsoft 20170809
eScan 20170809
nProtect 20170809
Palo Alto Networks (Known Signatures) 20170809
Panda 20170809
SentinelOne (Static ML) 20170806
Sophos AV 20170809
SUPERAntiSpyware 20170809
Symantec Mobile Insight 20170809
Tencent 20170809
TheHacker 20170807
TrendMicro 20170809
TrendMicro-HouseCall 20170809
Trustlook 20170809
VBA32 20170809
VIPRE 20170809
ViRobot 20170809
Webroot 20170809
WhiteArmor 20170731
Yandex 20170807
Zillya 20170809
ZoneAlarm by Check Point 20170809
Zoner 20170809
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-07-11 21:18:15
Entry Point 0x000011F0
Number of sections 4
PE sections
PE imports
GetLastError
HeapFree
EnterCriticalSection
WriteProcessMemory
LoadLibraryW
HeapAlloc
TlsAlloc
GetVersionExA
LoadLibraryA
DeleteCriticalSection
GetCurrentProcess
LocalAlloc
CreateThread
MultiByteToWideChar
GetProcAddress
VirtualProtectEx
GetProcessHeap
GetModuleHandleA
GlobalAddAtomW
WideCharToMultiByte
ExpandEnvironmentStringsW
CloseHandle
HeapReAlloc
LocalFree
InitializeCriticalSection
TlsGetValue
Sleep
TlsSetValue
DebugBreak
GetCurrentThreadId
VirtualAlloc
GetCurrentProcessId
SetLastError
LeaveCriticalSection
PathRemoveExtensionW
InternetQueryOptionA
__WSAFDIsSet
socket
closesocket
inet_addr
send
ioctlsocket
WSAStartup
WSAGetLastError
WSCGetProviderPath
connect
shutdown
htons
recv
select
WSAEnumProtocolsW
strncmp
strchr
_alldiv
_vsnprintf
_chkstk
memmove
memset
_stricmp
isprint
atoi
strtoul
_strnicmp
memcpy
StringFromGUID2
Debug information
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension dll
TimeStamp 2014:07:11 22:18:15+01:00
FileType Win32 DLL
PEType PE32
CodeSize 46080
LinkerVersion 9.0
EntryPoint 0x11f0
InitializedDataSize 10752
SubsystemVersion 5.0
ImageVersion 0.0
OSVersion 5.0
UninitializedDataSize 0

File identification
MD5 6c64c708ebe14c9675813bf38bc071cf
SHA1 c5d2ba574328e068e083aca33182310174757c27
SHA256 ea216cede2a1eff5d76a2f8258d4a89d822f45c3951c5a4734c16ce163153a8f
ssdeep 1536:QhRbEdfcaPuhfzGzTLsAQX5lmg9UJLrDLLrDad7FFNHdUezNwZ2h:i1EdEhCzTLsAQX5lmeUJLrDLLrDad7FJ
authentihash 03f14f40b07b913a802d41f6cd6ef01996bdbe40a5905d7240980bab61117af0
imphash 20e695d9874298a6869a1d8a574bc35c
File size 56.0 KB ( 57344 bytes )
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Tags pedll
VirusTotal metadata
First submission 2017-08-09 19:33:42 UTC ( 3 months, 1 week ago )
Last submission 2017-09-01 12:48:36 UTC ( 2 months, 2 weeks ago )
File names injlib-client.dll