home

acshell32.dll

Attribute Changer

Romain Petges

Publisher:
Romain Petges

Product:
Attribute Changer

Description:
Attribute Changer Shell Extension

Version:
711.2014.6.1

MD5:
dbe91c61df099ad5b227580feaf7598d

SHA-1:
155fa33ba6e6320807da253c0e9de4b04b2796c6

SHA-256:
400a092634a61ed9f96f970c202c03709f110df374d46918693a25fa912fa0cc

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
5/6/2024 3:30:23 PM UTC  (today)

Scan engine
Detection
Engine version

Clam AntiVirus
Win.Trojan.Ramnit-1847
0.98/23207

File size:
287.9 KB (294,835 bytes)

Product version:
7, 0, 0, 0

Copyright:
1999 - 2014 Romain Petges

Original file name:
acshell.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\attribute changer\acshell32.dll

File PE Metadata
Compilation timestamp:
6/1/2014 11:25:34 PM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

Entry address:
0x21000

Entry point:
60, E8, 00, 00, 00, 00, 5D, 8B, C5, 81, ED, A8, A6, 01, 20, 2B, 85, 0F, AE, 01, 20, 89, 85, 0B, AE, 01, 20, B0, 00, 86, 85, 40, B0, 01, 20, 3C, 01, 0F, 85, BC, 01, 00, 00, 83, BD, 3B, AF, 01, 20, 00, 74, 33, 83, BD, 3F, AF, 01, 20, 00, 74, 2A, 8B, 85, 0B, AE, 01, 20, 2B, 85, 3B, AF, 01, 20, 8B, 00, 89, 85, 78, AF, 01, 20, 8B, 85, 0B, AE, 01, 20, 2B, 85, 3F, AF, 01, 20, 8B, 00, 89, 85, 7C, AF, 01, 20, EB, 61, 83, BD, 43, AF, 01, 20, 00, 74, 58, 8B, 85, 0B, AE, 01, 20, 2B, 85, 43, AF, 01, 20, FF, 30, 8D, 85...
 
[+]

Entropy:
7.0707

Packer / compiler:
ASPack v1.08.04

Code size:
70 KB (71,680 bytes)

Approved Shell Extension
Name:
Attribute Changer Shell Extension

CLSID:
{D3F9A525-8824-497A-BE36-B23E22F141FC}

CLSID name:
ACShell Class


Scan acshell32.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.