home

cnt_ea.dll

Fx1 Inc

Publisher:
Fx1 Inc  (signed and verified)

MD5:
2770f1425d3c31896cf2f84fb52edcfa

SHA-1:
9ca367f14ecec29004193236db2aa9b64e86eee2

SHA-256:
a99a872c959a802459e9b3b98f8e3d184e21585db5f0cef663001d2e4a515d1d

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/24/2024 6:51:01 AM UTC  (today)

Scan engine
Detection
Engine version

F-Secure
Win32.Ramnit.N
5.13.68

File size:
1.5 MB (1,522,288 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\appdata\roaming\metaquotes\terminal\7517430b10149a74a2145c8462fcd711\mql4\libraries\cnt_ea.dll

Digital Signature
Signed by:
Fx1 Inc

Authority:
COMODO CA Limited

Valid from:
2/7/2012 7:00:00 PM

Valid to:
2/7/2013 6:59:59 PM

Subject:
CN=Fx1 Inc, O=Fx1 Inc, STREET=815 Ponce De Leon Blvd P209, L=Coral Gables, S=Florida / USA, PostalCode=33134, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
60991921FAC023AC6C810B52FEE17A09

File PE Metadata
Compilation timestamp:
11/10/2012 6:27:29 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:AvSAtavZ1tudr4H+QMTt+PibRqBDqyUP2nQZZ1uQdFjuLCvdekckEp7ExsohjKos:AvRaR1qr4e95QiNXenKuSFjuLCokckIn

Entry address:
0x198F81

Entry point:
E8, 7B, 33, 00, 00, 5B, 70, 55, 48, 9F, F8, 86, 59, 15, 26, 2C, 83, B8, 4A, B4, C7, 80, 97, 6C, 00, 3C, 4E, 42, D7, 7A, 0B, AE, 3F, 67, B6, 10, D7, AB, 9A, F0, A3, EA, 20, BC, E4, 35, D9, 5C, 34, 9E, E8, BB, AF, 47, D3, C7, DD, AB, 42, 93, 2B, 47, 5D, 2B, 3C, 42, 9B, A2, 37, F6, 88, D0, 0F, 8B, 5A, 12, 2A, 6C, E8, FC, 80, 15, 58, 6E, 3C, CE, CB, F6, F0, 82, 58, AA, F6, D8, B8, 93, 60, 7E, 54, A6, 23, A1, 31, 7C, 1B, B0, C3, 18, 79, 5A, AF, D8, DD, BB, 8F, 1F, F3, B4, 6C, 84, 61, 55, 6D, 19, ED, CB, 55, AD...
 
[+]

Entropy:
7.9829  (probably packed)

Code size:
115.5 KB (118,272 bytes)

Scan cnt_ea.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.