home

ar.dll

Jingcai online technology(DaLian) CO.,LTD

Publisher:
Jingcai online technology(DaLian) CO.,LTD  (signed and verified)

MD5:
8bea3d09a702809e21c11ba31dd47794

SHA-1:
df4908e5c52cde199f92d2c9ded95b4198286830

SHA-256:
4a0118fbb2c7c59c7b6066fe25d648693c54552bbc0204110f37b4c246ba59f9

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 1:10:16 PM UTC  (today)

File size:
370.4 KB (379,272 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\matonline_2.1.6.715\system\ar.dll

Digital Signature
Signed by:
Jingcai online technology(DaLian) CO.,LTD

Authority:
VeriSign, Inc.

Valid from:
6/27/2012 7:00:00 AM

Valid to:
6/28/2015 6:59:59 AM

Subject:
CN="Jingcai online technology(DaLian) CO.,LTD", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Jingcai online technology(DaLian) CO.,LTD", L=dalian, S=liaoning, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
3C10B971FFDA71827E545E423F6CBA80

File PE Metadata
Compilation timestamp:
3/6/2015 1:31:08 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
6144:FD//29JQvOu9/m1yHP57rh/g712hSCFvaKEd//OujnSNuBzgi:SQvZ9+SJ9/g7USCAKEZOEzl

Entry address:
0xADFA1

Entry point:
9C, 9C, 60, C7, 44, 24, 24, A5, 06, EF, 6B, E8, 02, 1B, FF, FF, 82, BB, 00, D9, 00, D1, 47, B4, C9, CC, D5, 10, 2C, 71, 78, A5, C8, CE, EE, F0, DC, 6A, BA, A5, D3, A7, D6, E6, 1F, 11, 26, 7E, 8C, AC, C1, D2, 3D, DB, 04, 10, 8E, E5, 69, E8, 72, 82, 00, AA, F7, 9D, 92, 03, 5D, 7C, 95, A4, 0F, 8E, FA, DF, 04, 15, 57, 31, D3, 08, 81, F3, AA, 6D, 68, CF, E4, 98, 8D, 40, 05, E5, 39, E9, 27, 7B, 75, 03, 77, E5, 64, BF, 1C, 8B, 61, 9F, A7, 55, D3, 4F, FB, 24, 82, B7, 0B, 88, CE, 30, B9, 15, 5D, D2, 10, 99, 81, 2D...
 
[+]

Entropy:
7.8369  (probably packed)

Code size:
80 KB (81,920 bytes)

Scan ar.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.