home

c9ffa07b4bc34b65b3b0d444f7988f36.dll

MD5:
9e05f7adc04e0809b760787662bd6299

SHA-1:
455622ee3310b119f989b7004bcee74e15fa22e8

SHA-256:
f97acd03aa5afb496b70fc4a4ba256c0a9f7f38d680f7d8ff86250bcfb4c2795

Scanner detections:
4 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/26/2024 3:42:47 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
TR/Crypt.XPACK.Gen
7.11.30.172

Comodo Security
Heur.Packed.Unknown
19353

Qihoo 360 Security
Malware.QVM39.Gen
1.0.0.1015

Quick Heal
(Suspicious) - DNAScan
8.14.14.00

File size:
64.5 KB (66,048 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\appdata\local\temp\c9ffa07b4bc34b65b3b0d444f7988f36.dll

File PE Metadata
Compilation timestamp:
1/17/2014 4:29:27 AM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows GUI

CTPH (ssdeep):
1536:vnSySxkIv0AYvWsMJmbzhmQpoTSbXLp6tv2kbGHdnHUDv:vZx8fKWsMJmbzhmQpoSTLY12k+tH0

Entry address:
0x15000

Entry point:
E9, 83, 0B, 00, 00, 22, C8, 87, 2E, F1, 00, F1, 05, 11, 28, 93, 1A, F9, 33, E4, ED, D6, 18, C4, 12, 51, 39, 49, C4, 29, 63, 7E, F4, 5F, F6, 42, 9C, 8F, 13, 9A, 6C, 7B, 36, EC, CE, 41, 21, 85, DB, E9, AE, 9A, 66, BE, 8A, CE, 5F, 11, 26, 83, E8, 7E, C3, 04, 8D, 81, FC, A5, 1B, E6, F7, 8A, E5, 99, 78, 71, 9F, 2B, F5, D0, 30, B4, 6D, DB, 7B, C9, 85, FF, 77, 02, 55, 5D, 7A, 05, BF, 32, E2, F7, 09, 71, 02, 33, FF, 33, C9, 33, FF, 81, C5, 18, 76, 59, 4C, 76, 06, 81, C7, 53, AD, 5E, 3A, 85, FF, 74, 05, BA, D0, 47...
 
[+]

Entropy:
7.3942

Packer / compiler:
Xtreme-Protector v1.05

Code size:
1 GB (1,116,503,441 bytes)

Scan c9ffa07b4bc34b65b3b0d444f7988f36.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.