home

cygwin1.dll

Cygwin

Prospera Software, Inc.

cygwin1.dll is the library is part of Cygwin, a GNU and Open Source tools which provide functionality similar to a Linux distribution on Windows which provides POSIX API functionality and is recompiled by Prospera Software, Inc.. The library cygwin1.dll, “Cygwin® POSIX Emulation DLL” by Prospera Software has been known to be a potentially unwanted program that has been detected by 1 anti-malware scanner. Note, this is a common distributed file and although it has been detected it might not be a threat is un-coupled from its distribution source.
Publisher:
Red Hat  (signed by Prospera Software, Inc.)

Product:
Cygwin

Description:
Cygwin® POSIX Emulation DLL

Version:
1.7.5

MD5:
a182dc790faac7a3a339e15c921c99be

SHA-1:
30c4783d2bb07e34fb2b7a38ebb75c5fd780215d

SHA-256:
be2f300f742bdf45660e00ac54f211c79d3e827f50d7eaa2243ac975ed00471c

Scanner detections:
1 / 68

Status:
Inconclusive but possibly unwanted  (It is part of a common redistributable library)

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
4/25/2024 12:53:30 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Common.PartOf.PUP.ProsperaSoftware (M)
16.2.2.2

File size:
2.5 MB (2,616,000 bytes)

Product version:
1.7.5

Copyright:
Copyright © Red Hat, Inc. 1996-2009

Original file name:
cygwin1.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\hiro burner\cdrkit\cygwin1.dll

Digital Signature
Signed by:
Prospera Software, Inc.

Authority:
VeriSign, Inc.

Valid from:
3/28/2013 1:00:00 AM

Valid to:
4/28/2014 1:59:59 AM

Subject:
CN="Prospera Software, Inc.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Prospera Software, Inc.", L=Suwanee, S=Georgia, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5B2765F2A1838273DA2D54A0DF7C3C00

File PE Metadata
Compilation timestamp:
4/12/2010 7:07:47 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
2.56

CTPH (ssdeep):
49152:JgRJyWErLiMbB+XAXibJDt9oUcbGaAoxx6TDZmYP3xK54Qcx2CWvgf6K4EY:Jg/yWUeFXAXi9DtdcbGZooZmYP04QcxY

Entry address:
0x6B860

Entry point:
55, 89, E5, 81, EC, B8, 00, 00, 00, 8B, 45, 0C, 89, 5D, F4, 89, 75, F8, 89, 7D, FC, 83, F8, 01, 74, 76, 72, 28, 83, F8, 02, 0F, 84, 2B, 02, 00, 00, 83, F8, 03, 74, 2B, 8D, B6, 00, 00, 00, 00, 8B, 5D, F4, B8, 01, 00, 00, 00, 8B, 75, F8, 8B, 7D, FC, 89, EC, 5D, C2, 0C, 00, 8B, 0D, DC, F4, 15, 61, 85, C9, 74, E2, E8, 6D, E4, 04, 00, EB, DB, A1, AC, 84, 16, 61, 85, C0, 74, D2, 64, A1, 04, 00, 00, 00, 8D, 90, 64, CE, FF, FF, 8D, 45, F0, 39, C2, 76, BF, 81, BA, CC, 10, 00, 00, 3F, 17, 63, C7, 75, B3, C7, 44, 24...
 
[+]

Code size:
1.3 MB (1,389,568 bytes)

Scan cygwin1.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.