home

director.dll

Awareness Technologies, Inc.

The module director.dll by Awareness Technologies has been detected as adware by 10 anti-malware scanners.
Publisher:
Awareness Technologies, Inc.  (signed and verified)

Version:
8, 2, 22, 1125

MD5:
651b0fcbd136eb118ebfd79c31867046

SHA-1:
0008e46bac60f43e62d789ecdad9aec660f5b387

SHA-256:
d1ddbf9c90044667a29788662dcb8b1fe1c3cf18a4badbb5808141b1bca2977d

Scanner detections:
10 / 68

Status:
Adware

Analysis date:
4/24/2024 6:16:44 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
APPL/MonitorTool.Gen
7.11.160.72

ESET NOD32
Win32/WebWatcher (variant)
8.10087

IKARUS anti.virus
Trojan.Win32.Skillis
t3scan.1.6.1.0

K7 AntiVirus
Trojan
13.180.12701

Kaspersky
not-a-virus:HEUR:Monitor.Win32.WebWatcher
14.0.0.2880

McAfee
Artemis!651B0FCBD136
5600.6933

Qihoo 360 Security
Win32/Virus.Monitor.cdf
1.0.0.1015

Reason Heuristics
PUP.AwarenessTechnologies.I
14.11.28.1

Sophos
Generic PUA AA
4.98

Trend Micro House Call
Suspicious_GEN.F47V0705
7.2.332

File size:
2.4 MB (2,525,504 bytes)

Product version:
8, 2, 22, 1125

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\webwatcherv8\director.dll

Digital Signature
Signed by:
Awareness Technologies, Inc.

Authority:
VeriSign, Inc.

Valid from:
4/24/2014 7:00:00 AM

Valid to:
6/23/2017 6:59:59 AM

Subject:
CN="Awareness Technologies, Inc.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Awareness Technologies, Inc.", L=Westport, S=Connecticut, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
3AE6606F497A5293319BA52D6D589F30

File PE Metadata
Compilation timestamp:
7/2/2014 5:54:22 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
24576:5KM4+RIjq+T0P0tiIGZr5aCmVCKAkxDRZNydKK:OUMiIGZrzmVAkxDRZod5

Entry address:
0x681BD

Entry point:
83, 7C, 24, 08, 01, 75, 05, E8, 48, C2, 00, 00, FF, 74, 24, 04, 8B, 4C, 24, 10, 8B, 54, 24, 0C, E8, ED, FE, FF, FF, 59, C2, 0C, 00, E8, 9E, 9A, 00, 00, 8B, 4C, 24, 04, 89, 48, 14, C3, E8, 91, 9A, 00, 00, 8B, 48, 14, 69, C9, FD, 43, 03, 00, 81, C1, C3, 9E, 26, 00, 89, 48, 14, 8B, C1, C1, E8, 10, 25, FF, 7F, 00, 00, C3, CC, CC, CC, 57, 56, 53, 33, FF, 8B, 44, 24, 14, 0B, C0, 7D, 14, 47, 8B, 54, 24, 10, F7, D8, F7, DA, 83, D8, 00, 89, 44, 24, 14, 89, 54, 24, 10, 8B, 44, 24, 1C, 0B, C0, 7D, 14, 47, 8B, 54, 24...
 
[+]

Entropy:
6.6413

Code size:
592 KB (606,208 bytes)

Remove director.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.