home

Client.DLL

Client Dynamic Link Library

ChangJieTong Software Co.,Ltd

The library Client.DLL has been detected as malware by 4 anti-virus scanners.
Publisher:
ChangJieTong Software Co.,Ltd  (signed and verified)

Product:
Client Dynamic Link Library

Description:
Client DLL

Version:
1, 0, 0, 1

MD5:
d69e6bf9d0b04ae145ed022cfb566fc9

SHA-1:
8dbe816b49a53967f577f85ed96d96a9766a6547

SHA-256:
2806b66854c1b1242da52144e72d7f402a74a55ed96b31acfcf223112fae8cd8

Scanner detections:
4 / 68

Status:
Malware

Analysis date:
4/19/2024 9:46:57 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
TR/Black.Gen2
7.11.97.64

ESET NOD32
Win32/Packed.VMProtect.AAN (variant)
9.8704

Kaspersky
HEUR:Trojan.Win32.Generic
14.0.0.2389

Panda Antivirus
Trj/Thed.W
15.03.06.04

File size:
209.2 KB (214,232 bytes)

Product version:
1, 0, 0, 1

Copyright:
版权所有 (C) 2000

Original file name:
Client.DLL

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\windows\syswow64\client.dll

Digital Signature
Signed by:
ChangJieTong Software Co.,Ltd

Authority:
VeriSign, Inc.

Valid from:
7/4/2010 8:00:00 AM

Valid to:
7/3/2013 7:59:59 AM

Subject:
CN="ChangJieTong Software Co.,Ltd", OU=RD, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="ChangJieTong Software Co.,Ltd", L=Beijing, S=Beijing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
289A21E686712C610E84963CEF52EB8D

File PE Metadata
Compilation timestamp:
2/3/2004 3:13:32 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:SvHOQLoBAtipiY4y3h9TPiSxoI6GqK5zROx8rDGcmFFolCMxvM1jNXK:Yu2aAwpdLT7He04+rD1UNXK

Entry address:
0x2BAA7

Entry point:
60, C7, 44, 24, 1C, CD, 1F, 20, 04, 8D, 64, 24, 1C, 0F, 87, DD, 26, 00, 00, 68, 6A, A0, A6, 5A, 60, 60, 8D, 64, 24, 40, E9, 31, 42, 00, 00, 5D, 84, 9B, 65, B3, C9, F4, E9, FF, F5, BD, 13, 08, 44, FF, F4, 0F, 08, 5D, 54, D1, 04, 0E, 17, C8, A8, D5, 8B, 4A, 04, F1, 57, 57, E1, 93, D4, 06, 38, 35, 90, 03, E2, 9B, F3, 9C, 3A, DD, 67, D4, 51, 4B, 0E, 1A, C6, 4B, AD, AC, 2B, 79, F6, 1E, 01, 26, B2, 62, 86, 05, 69, F1, E5, E2, AA, 00, AA, EE, 11, F2, 4E, 05, 93, A9, AE, E1, 49, 81, AF, 0C, EC, FB, 3C, 41, 74, A8...
 
[+]

Entropy:
7.2113

Code size:
4 KB (4,096 bytes)

Remove Client.DLL - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.