home

1ef6ed6fece040a291d52a8afc83c2ae.dll

MD5:
cea2d9449e9f06d81e58109fdd0ad906

SHA-1:
7185c024539b8bdfff3b4880b459cd48698f568e

SHA-256:
54fe36de1049dccf7e92fb1b3f9934e2b18af4cdcdfbeaa1c417652fdfddb7a4

Scanner detections:
5 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/19/2024 5:33:16 AM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
TR/Crypt.XPACK.Gen
7.11.30.172

Bkav FE
HW32.CDB
1.3.0.4959

Comodo Security
Heur.Packed.Unknown
19353

Qihoo 360 Security
Malware.QVM39.Gen
1.0.0.1015

Quick Heal
(Suspicious) - DNAScan
8.14.14.00

File size:
90.5 KB (92,672 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\appdata\local\temp\1ef6ed6fece040a291d52a8afc83c2ae.dll

File PE Metadata
Compilation timestamp:
8/28/2008 12:18:43 AM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows GUI

CTPH (ssdeep):
1536:DShbtY4ZPZGI6XodsB9hMfK8pNQuiy9AymNO7WRyrPr2HCMzAIwmxE//Ys1JxO83:uj/rGI6XL9hMf9pNQjy6yeOqRy7kzAzT

Entry address:
0x17000

Entry point:
E9, ED, 07, 00, 00, 37, 03, AC, 3A, 03, B8, 6F, 2B, 9C, 2F, C5, 90, 3C, 14, 20, 28, D7, 3B, 35, 34, 6D, 77, C3, 0B, 49, 40, 34, D8, 7B, 41, 6A, 13, 65, 41, A2, 17, 5C, E3, EF, 3A, 5F, 57, C8, 03, 68, 4C, C2, 71, 0A, FD, EE, A3, 3D, 66, 48, C0, 3F, A0, F0, C3, 83, 97, AF, 5B, C4, B2, 2A, FB, 71, 08, CC, F3, 4B, FB, D5, 16, AE, C0, A3, FD, 7E, C2, CD, 7E, 52, C7, D5, FF, F9, E2, D7, BB, F3, 2C, B6, C7, A7, 6D, 3E, B6, 21, C6, 00, 01, 30, FA, 57, 42, 91, 32, 73, 02, 57, 5F, 78, 02, 33, DB, 81, C7, 00, 96, C6...
 
[+]

Entropy:
7.6301

Packer / compiler:
Xtreme-Protector v1.05

Code size:
1.2 GB (1,271,697,012 bytes)

Scan 1ef6ed6fece040a291d52a8afc83c2ae.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.