» cryptnet.dll
Overview
Analysis
File Details

cryptnet.dll

msnshell.com

File name:

cryptnet.dll

Publisher:

msnshell.com (signed and verified)

MD5:

f89134931f861efbb6e26bbd3e2a94e2

SHA-1:

476d5d420837b5e2a971f4bc69980e5ef8881195

Scanner detections:

5 / 68

Status:

Clean (5 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

4/24/2024 11:42:15 PM UTC (a few moments ago)

Scan engine

Detection

Engine version

IKARUS anti.virus

Trojan-Spy.Win32.Delf.uh

14.07.08

Prevx

Heuristic: Suspicious Self Modifying File

3.0.7

Vba32 AntiVirus

suspected of Backdoor.XiaoBird.58

14.07.08

File size:

32.3 KB (33,096 bytes)

File type:

Dynamic link library (Win32 DLL)

Common path:

C:\Program Files\msnshell\bin\cryptnet.dll

Digital Signature

Signed by:

msnshell.com

Authority:

Wotone Communications, Inc.

Valid from:

12/14/2006 8:00:00 AM

Valid to:

12/15/2007 7:59:59 AM

Subject:

CN=msnshell.com, OU=msnshell.com, O=msnshell.com, L=广州, S=广东, C=CN

Issuer:

CN=WoTrust Code Signing Authority, O="Wotone Communications, Inc.", C=US

Serial number:

188B7AFF6CAC834752B82304EF52095D

File PE Metadata

Compilation timestamp:

6/20/1992 6:22:17 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

768:B9CDAqdSDQtgIoCb1F5bbOVnq1pshCIL3XSF9tQ:BsUqYDQCVCvtWqTaCIbqtQ

Entry address:

0x594C

Entry point:

55, 8B, EC, 83, C4, C4, B8, 14, 59, 40, 00, E8, DC, E3, FF, FF, 33, C0, 55, 68, 8C, 59, 40, 00, 64, FF, 30, 64, 89, 20, B8, B8, 58, 40, 00, A3, 54, 76, 40, 00, B8, 01, 00, 00, 00, E8, 3A, FF, FF, FF, 33, C0, 5A, 59, 59, 64, 89, 10, 68, 93, 59, 40, 00, C3, E9, 9B, D0, FF, FF, EB, F8, E8, 90, D5, FF, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

6.6107

Developed / compiled with:

Microsoft Visual C++

Code size:

18.5 KB (18,944 bytes)

Scan cryptnet.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.