SubspaceDorito

Everything posted by SubspaceDorito

  1. Okay, just out of curiosity, what are they exactly? And why are they dated from the '90s? lol
  2. Okay I have files attached in zip. Again, thank you so much for your help! s2dtconv.zip Sbtrvd32.zip
  3. Okay I will be heading to my server site here in a bit. I'll send a copy of it zipped. Are you further inspecting the files?
  4. The second file came up with a detection.
  5. Thank you for your response. Here is the outcome on the first file.
  6. Good evening, When inspecting one of my servers (Server 2016) I noticed these two files in the picture attached and noticed the strange dates. These are giving me huge red flags; however, I am running Malwarebytes Premium and it finds nothing. Anyone know what these could be? They are located on C: root. Any help is appreciated! Thanks, Eric