» 4.2.0.157.di64.dll
Overview
Analysis
File Details
Behaviors (1)
Programs (1)

4.2.0.157.di64.dll

SoonR Dynamic Link Library

SoonR Inc.

This is installed with Soonr Desktop Client.

File name:

4.2.0.157.di64.dll

Publisher:

SoonR Inc. (signed and verified)

Product:

SoonR Dynamic Link Library

Description:

SoonR Dynamic Link Library

Version:

4,2,0,157

MD5:

d0476a51a97c41de0a14956e00885971

SHA-1:

770bce697edebba825ffd02f23b5f0de9d27a60e

SHA-256:

ecfe397d5581acca03e60efa144bbb35ca51987aeffb43e0f806e9c64c7cb353

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/29/2024 8:28:38 PM UTC (today)

File size:

2.5 MB (2,594,680 bytes)

Product version:

4,2,0,157

Original file name:

SoonR.dll

File type:

Dynamic link library (Win64 DLL)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\soonr\soonr desktop client\vip\4.2.0.157.di64.dll

Digital Signature

Signed by:

SoonR Inc.

Authority:

VeriSign, Inc.

Valid from:

9/30/2010 7:00:00 PM

Valid to:

10/16/2013 6:59:59 PM

Subject:

CN=SoonR Inc., OU=Development, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=SoonR Inc., L=Menlo Park, S=California, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

7B9363355B94C364FC692549993A2B33

Registration

CLSIDs:

{11C22480-783C-497c-9B40-45463B6AEF59}, {2BC41DBB-BD09-4199-99E8-E8D3D6502D1E}, {47C7104D-4998-4fd7-B55D-F19C2B0EC22F}, {73256FF1-C649-422D-8966-C5D4403280A7}, {7ED60399-9A9F-4eba-BCD0-E9C5DC2E434D}, {D27041A1-EC31-4afb-AAD1-B6BC187FEC1D}

ProgIDs:

SoonrCM.SoonrBackupLockedOverlayIcon.1, SoonrCM.SoonrBackupLockedRemoteOverlayIcon.1, SoonrCM.SoonrProgressOverlayIcon.1, SoonrCM.SoonrCH.1, SoonrCM.SoonrMenu.1, SoonrCM.SoonrBackupErrorOverlayIcon.1, SoonrCM.SoonrBackupDoneOverlayIcon.1

COM registered:

Yes

File PE Metadata

Compilation timestamp:

7/19/2013 3:14:19 AM

OS version:

5.2

OS bitness:

Win64

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

49152:FAHHJOqVl666S66666W6666O666k6626617WzxOEQ16KZHdt:EOS666S66666W6666O666k6626617Wzw

Entry address:

0x1DF30

Entry point:

48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 49, 8B, F8, 8B, DA, 48, 8B, F1, 83, FA, 01, 75, 05, E8, 37, 49, 01, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, E9, 03, 00, 00, 00, CC, CC, CC, 48, 8B, C4, 48, 89, 58, 20, 4C, 89, 40, 18, 89, 50, 10, 48, 89, 48, 08, 56, 57, 41, 56, 48, 83, EC, 50, 49, 8B, F0, 8B, DA, 4C, 8B, F1, BA, 01, 00, 00, 00, 89, 50, B8, 85, DB, 75, 0F, 39, 1D, 0C, 90, 04, 00, 75, 07, 33, C0, E9, D2, 00, 00, 00, 8D, 43, FF... 
[+]

Entropy:

3.0824

Code size:

276.5 KB (283,136 bytes)

Approved Shell Extension

Name:

My Hook

CLSID:

{73256FF1-C649-422D-8966-C5D4403280A7}

CLSID name:

SoonrCH Class

The file 4.2.0.157.di64.dll has been discovered within the following program.

Soonr Desktop Client by Soonr

www.soonr.com

About 1% of users remove it

Scan 4.2.0.157.di64.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.