» d3r.dll
Overview
Analysis
File Details

d3r.dll

QQ电脑管家

Tencent Technology(Shenzhen) Company Limited

File name:

d3r.dll

Publisher:

Tencent (signed by Tencent Technology(Shenzhen) Company Limited)

Product:

QQ电脑管家

Description:

QQ电脑管家dll

Version:

6.0.1782.202

MD5:

981f6b040851aae3815ce49831fbb54e

SHA-1:

1097d64c74d41dada2fdf4fb7700714a79ed443a

SHA-256:

7faa114cef1e76486621d1b9850a37ea019742e96faa5b15f46907b3b0d68413

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/26/2024 6:35:26 PM UTC (today)

File size:

218.3 KB (223,584 bytes)

Product version:

6,0,1782,202

Original file name:

dr.dll

File type:

Dynamic link library (Win32 DLL)

Language:

Chinese (Simplified, PRC)

Common path:

C:\users\{user}\appdata\roaming\tencent\qmdownload\download\d3r.dll

Digital Signature

Signed by:

Tencent Technology(Shenzhen) Company Limited

Authority:

VeriSign, Inc.

Valid from:

1/16/2013 4:00:00 PM

Valid to:

2/16/2016 3:59:59 PM

Subject:

CN=Tencent Technology(Shenzhen) Company Limited, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Tencent Technology(Shenzhen) Company Limited, L=shenzhen, S=guangdong, C=CN

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

7170BD93CF3F189AE6452B514C49340E

File PE Metadata

Compilation timestamp:

1/26/2016 3:07:54 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

CTPH (ssdeep):

6144:XA1cZuuuDtuJcoSVB/QnCgbHBDdb48b+A:waMuuDxrBclHJdck9

Entry address:

0x5EAF9

Entry point:

E9, 27, FE, FF, FF, 8D, 64, 24, 0C, C3, 66, 0F, AB, D3, 66, 8B, 1E, F6, C4, ED, F6, C3, 3B, 81, E3, FF, 0F, 00, 00, F5, E8, 63, F4, FF, FF, 8D, 64, 24, 24, 0F, 85, 40, CD, FF, FF, 60, 68, EC, BE, 36, FF, E8, 52, EF, FF, FF, 00, 00, 4C, 65, 61, 76, 65, 43, 72, 69, 74, 69, 63, 61, 6C, 53, 65, 63, 74, 69, 6F, 6E, 00, 8D, 64, 24, 34, 0F, 87, 11, E3, FF, FF, 9C, E8, 85, 9A, FF, FF, 53, 54, 60, 8D, 64, 24, 28, 0F, 85, 01, CD, FF, FF, E9, 41, 39, 00, 00, 70, EB, 0F, EA, CA, FC, 89, A2, EF, F0, A7, E0, 25, A1, F8... 
[+]

Entropy:

7.7589

Packer / compiler:

tElock 0.99 - 1.0 private

Code size:

532 KB (544,768 bytes)

Scan d3r.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.