home

acdetoured.dll

Microsoft Research Detours Package

Cisco Systems, Inc.

Publisher:
Microsoft Corporation  (signed by Cisco Systems, Inc.)

Product:
Microsoft Research Detours Package

Description:
Marks process modified by Detours technology.

Version:
Professional Version 2.1 Build_223

MD5:
071085ca0c8c103942fbaf39312fbcb6

SHA-1:
eef2f71f2152694a526355b84f60705cc19870b0

SHA-256:
fb7ae76cf3561fe945f186a40539eadeabc7dd8d08caa7667d4ad67c0755f5eb

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 1:17:50 AM UTC  (today)

File size:
10.4 KB (10,640 bytes)

Product version:
Professional Version 2.1 Build_223

Copyright:
Copyright (C) Microsoft Corporation. All rights reserved.

Original file name:
DETOURED.DLL

File type:
Dynamic link library (Win64 DLL)

Language:
English (United States)

Common path:
C:\Windows\System32\acdetoured.dll

Digital Signature
Signed by:
Cisco Systems, Inc.

Authority:
VeriSign, Inc.

Valid from:
1/2/2013 7:00:00 PM

Valid to:
4/4/2015 7:59:59 PM

Subject:
CN="Cisco Systems, Inc.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Cisco Systems, Inc.", L=Boxborough, S=Massachusetts, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5ECE4ABD054DB0EE1ACEF57C4D3F442C

File PE Metadata
Compilation timestamp:
8/30/2013 6:04:15 PM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows Console

Linker version:
8.0

CTPH (ssdeep):
192:FQYgWndvWtnYe+PjPDrZo+voer9ZCspE+TMArgG/SZl54hO:yYgWndvWtnYPLJ6eMRGqTShO

Entry address:
0x1008

Entry point:
48, 83, EC, 28, 83, FA, 01, 75, 0D, 48, 89, 0D, E8, 1F, 00, 00, FF, 15, E2, 0F, 00, 00, B8, 01, 00, 00, 00, 48, 83, C4, 28, C3, FF, 25, D2, 0F, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
5.9656

Code size:
512 Bytes (512 bytes)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.