SHA256: 5520208a33e6409c129b4ea1270771f741d95afe5b048c2a1e6a2cc2ad829934
File name: INetC.dll
Detection ratio: 1 / 63
Analysis date: 2017-07-15 21:28:12 UTC (5 months ago)
Antivirus Result Update date
Zillya Backdoor.Ramnit.Win32.829 20170714
Ad-Aware 20170715
AegisLab 20170715
AhnLab-V3 20170715
Alibaba 20170714
ALYac 20170715
Antiy-AVL 20170715
Arcabit 20170715
Avast 20170715
AVG 20170715
Avira (no cloud) 20170715
AVware 20170715
Baidu 20170714
BitDefender 20170715
Bkav 20170715
CAT-QuickHeal 20170715
ClamAV 20170715
CMC 20170714
Comodo 20170715
CrowdStrike Falcon (ML) 20170710
Cylance 20170715
Cyren 20170715
DrWeb 20170715
Emsisoft 20170715
Endgame 20170713
ESET-NOD32 20170715
F-Prot 20170715
F-Secure 20170715
Fortinet 20170629
GData 20170715
Ikarus 20170715
Sophos ML 20170607
Jiangmin 20170715
K7AntiVirus 20170714
K7GW 20170715
Kaspersky 20170715
Kingsoft 20170715
Malwarebytes 20170715
MAX 20170715
McAfee 20170715
McAfee-GW-Edition 20170715
Microsoft 20170715
eScan 20170715
NANO-Antivirus 20170715
nProtect 20170715
Palo Alto Networks (Known Signatures) 20170715
Panda 20170715
Qihoo-360 20170715
Rising 20170715
SentinelOne (Static ML) 20170516
Sophos AV 20170715
SUPERAntiSpyware 20170715
Symantec 20170715
Symantec Mobile Insight 20170713
Tencent 20170715
TheHacker 20170712
TrendMicro 20170715
TrendMicro-HouseCall 20170715
Trustlook 20170715
VBA32 20170714
VIPRE 20170715
ViRobot 20170715
Webroot 20170715
WhiteArmor 20170713
Yandex 20170714
ZoneAlarm by Check Point 20170715
Zoner 20170715
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-11-01 17:17:08
Entry Point 0x00003F51
Number of sections 4
PE sections
PE imports
GetLastError
TerminateThread
lstrlenA
lstrcmpiA
GlobalFree
WaitForSingleObject
SleepEx
GetTickCount
LoadLibraryA
GetFileSize
lstrcatA
DeleteFileA
WideCharToMultiByte
GetProcAddress
SetFilePointer
CreateThread
GetModuleHandleA
lstrcmpA
ReadFile
lstrcpyA
MulDiv
lstrcpynA
LocalFree
WriteFile
GlobalAlloc
CreateFileA
LocalAlloc
CloseHandle
RedrawWindow
GetParent
UpdateWindow
KillTimer
ShowWindow
SetWindowPos
SendDlgItemMessageA
IsWindow
GetWindowRect
DispatchMessageA
EnableWindow
SetDlgItemTextA
PostMessageA
MessageBoxA
SetWindowLongA
TranslateMessage
SystemParametersInfoA
SetWindowTextA
GetWindowLongA
IsWindowVisible
SendMessageA
GetClientRect
GetDlgItem
CreateDialogParamA
wsprintfA
FindWindowExA
SetTimer
LoadIconA
GetMessageA
GetWindowTextA
IsDialogMessageA
DestroyWindow
HttpSendRequestA
FtpCreateDirectoryA
InternetSetOptionA
InternetWriteFile
HttpOpenRequestA
InternetReadFile
InternetCloseHandle
FtpOpenFileA
InternetOpenA
InternetConnectA
HttpAddRequestHeadersA
InternetQueryOptionA
InternetGetLastResponseInfoA
InternetErrorDlg
HttpQueryInfoA
InternetSetFilePointer
InternetCrackUrlA
HttpEndRequestA
HttpSendRequestExA
PE exports
Number of PE resources by type
RT_DIALOG 3
RT_VERSION 1
Number of PE resources by language
ENGLISH US 3
ENGLISH UK 1
PE resources
ExifTool file metadata
SubsystemVersion 4.0
InitializedDataSize 20480
ImageVersion 0.0
ProductName inetc NSIS plug-in
FileVersionNumber 1.0.5.2
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Unicode
LinkerVersion 8.0
FileTypeExtension dll
OriginalFileName inetc.dll
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 1.0.5.2
TimeStamp 2015:11:01 18:17:08+01:00
FileType Win32 DLL
PEType PE32
InternalName inetc.dll
ProductVersion 1.0.5.2
FileDescription inetc NSIS plug-in
OSVersion 4.0
FileOS Windows NT 32-bit
LegalCopyright Copyright Takhir Bedertdinov
MachineType Intel 386 or later, and compatibles
CodeSize 14336
FileSubtype 0
ProductVersionNumber 1.0.5.2
EntryPoint 0x3f51
ObjectFileType Dynamic link library

CarbonBlack: CarbonBlack acts as a surveillance camera for computers.
While monitoring an end-user machine in the wild, CarbonBlack observed the following executing files writing this sample to disk.
Execution parents
Compressed bundles
File identification
MD5 92ec4dd8c0ddd8c4305ae1684ab65fb0
SHA1 d850013d582a62e502942f0dd282cc0c29c4310e
SHA256 5520208a33e6409c129b4ea1270771f741d95afe5b048c2a1e6a2cc2ad829934
ssdeep 384:VpOSdCjDyyvBwRlX+ODbswYM2s74NS0v0Ac9khYLMkIX0+Gzyekx:rdCjW/lX1PfYM2X1

authentihash 913c66b229ed7e0d24afac92102e85f9e14ce0388fb57d8edc61d77a8c2d4046
imphash 8ef3613e48db9e7b48e33704238cd659
File size 21.5 KB (22016 bytes)
File type Win32 DLL
Description PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Tags
pedll

VirusTotal metadata
First submission 2015-11-07 04:01:31 UTC (2 years, 1 month ago)
Last submission 2017-12-13 15:49:00 UTC (1 hour ago)
File names 352865098_inetc.dll.bin
vcdotra03076
inetc.dll
vo3dc6a02300
983ac747-ec65-0a20-6a76-41f3dce818f1
vc9f8oa02236
vajn1la02944
vsqr05cg.uqe
vngk1ua03288
32be0cd7-22f4-1e58-905b-dbf840737196
vsll0fl0.029
inetc.dll
c89e3dbf-efe4-d6a4-509a-c1b8b550c2f3
inetc.dll
INetC.dll
va9a42a01996
5520208A33E6409C129B4EA1270771F741D95AFE5B048C2A1E6A2CC2AD829934
INetC.dll
v7uvl1a02892
vb82k6a03084
v91be1a02944
vcf17ra01304
vckstla02300
vag9p6a03116
5520208a33e6409c_inetc.dll