» bootres - backup.dll
Overview
Analysis
File Details

bootres - backup.dll

Boot Resource Library

Coder for Life

File name:

Publisher:

Microsoft Corporation (signed by Coder for Life)

Product:

Microsoft® Windows® Operating System

Description:

Boot Resource Library

Version:

6.1.7600.16385 (win7_rtm.090713-1255)

MD5:

a76353b76a3745b248445b194b9f30b8

SHA-1:

bcc161069babe1bf8dd7280332e36a3ec5f235bf

SHA-256:

3cf905955e96896472bbe1b7cf573b59678360c61b89bb88fd9dce32f8b6e406

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/19/2024 3:31:20 PM UTC (today)

File size:

2.3 MB (2,376,344 bytes)

Product version:

6.1.7600.16385

Original file name:

bootres

File type:

Dynamic link library (Win64 DLL)

Language:

English (United States)

Common path:

C:\Windows\System32\bootres - backup.dll

Digital Signature

Signed by:

Coder for Life

Authority:

Coder for Life Certificate Authority

Valid from:

9/5/2010 6:58:56 PM

Valid to:

12/31/2039 3:59:59 PM

Subject:

CN=Coder for Life

Issuer:

CN=Coder for Life Certificate Authority, DC=coderforlife, DC=com, E=jeff@coderforlife.com

Serial number:

0E739F3C5AE525B3451333276AED40F8

Registration

CLSIDs:

{785C078A-E8B6-818F-7202-43831B72A2E0}, {E4F19DA6-9A53-7901-32C8-3673DE1DC3CF}

COM registered:

Yes

File PE Metadata

Compilation timestamp:

7/13/2009 6:25:47 PM

OS version:

6.1

OS bitness:

Win64

Subsystem:

Windows Console

Linker version:

9.0

CTPH (ssdeep):

49152:Js7YFW1s5jNKDJgjN3J7HYWh5M8GZYFXRuE1U/O8Pop0RdBS:yrwNSgjTcWh5M8ZhICU/tQpKQ

Entry point:

4D, 5A, 90, 00, 03, 00, 00, 00, 04, 00, 00, 00, FF, FF, 00, 00, B8, 00, 00, 00, 00, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, B8, 00, 00, 00, 0E, 1F, BA, 0E, 00, B4, 09, CD, 21, B8, 01, 4C, CD, 21, 54, 68, 69, 73, 20, 70, 72, 6F, 67, 72, 61, 6D, 20, 63, 61, 6E, 6E, 6F, 74, 20, 62, 65, 20, 72, 75, 6E, 20, 69, 6E, 20, 44, 4F, 53, 20, 6D, 6F, 64, 65, 2E, 0D, 0D, 0A, 24, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

7.9973 (probably packed)

Scan bootres - backup.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.