home

bit4upki-store.dll

csp-certstore Dynamic Link Library

Bit4id

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘bit4id csp store register (M x64)’.
Publisher:
bit4id srl  (signed by Bit4id)

Product:
csp-certstore Dynamic Link Library

Version:
1, 4, 5, 5

MD5:
659230527e71c6b90e7128d04923b2c3

SHA-1:
5ba3bfde23f49ffc89632b43fb079b799f7d5cee

SHA-256:
74114ef7fba1ac7c31e58356f1709a9a13f28e4011b06f6dd4f9f6d55639c90a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/13/2024 2:18:41 PM UTC  (today)

File size:
259.2 KB (265,424 bytes)

Product version:
1, 4, 5, 5

Copyright:
Copyright (C) 2005-2016 bit4id srl - Unauthorized Use is Prohibited.

Original file name:
csp-certstore.dll

File type:
Dynamic link library (Win64 DLL)

Language:
Italian (Italy)

Common path:
C:\Windows\System32\bit4upki-store.dll

Digital Signature
Signed by:
Bit4id

Authority:
Symantec Corporation

Valid from:
6/23/2015 3:00:00 AM

Valid to:
7/23/2018 2:59:59 AM

Subject:
CN=Bit4id, O=Bit4id, L=Napoli, S=Napoli, C=IT

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
32D0DC0C0E116ABB878973808842677A

File PE Metadata
Compilation timestamp:
10/26/2016 1:52:42 PM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
8.0

Entry address:
0x172B0

Entry point:
48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 83, FA, 01, 49, 8B, F8, 8B, DA, 48, 8B, F1, 75, 05, E8, 6F, DF, 00, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, E9, 83, FE, FF, FF, CC, CC, CC, 48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 48, 8D, 59, 1C, 48, 8B, F1, BF, 01, 01, 00, 00, 48, 8B, CB, 4C, 8B, C7, 33, D2, E8, 48, B2, FF, FF, 45, 33, DB, 4C, 8D, 05, BE, 28, 02, 00, 44, 89, 5E, 04, 44, 89, 5E, 08, 44, 89, 5E, 0C, 4C, 89...
 
[+]

Code size:
174.5 KB (178,688 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
bit4id csp store register (M x64)

Command:
"rundll32.exe" "C:\Windows\System32\bit4upki-store.dll",runimportserver


Scan bit4upki-store.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.