» down_surf.dll
Overview
Analysis
File Details

down_surf.dll

down_surf

Beijing LEBO infinity Technology Development CO.,LTD

File name:

down_surf.dll

Publisher:

北京袋鼠网络科技有限公司 (signed by Beijing LEBO infinity Technology Development CO.,LTD)

Product:

down_surf

Version:

1,0,5,16

MD5:

38cc50cfd0bc2e7b6a313a57858cd5a3

SHA-1:

99645885f7131598c918e38b236afcb1144e62e2

SHA-256:

d8dd5b12f5b0d8bedfb4fb506562f468ea93879aa88c8370d0e2abc6f0c49aae

Scanner detections:

1 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

4/18/2024 12:05:11 AM UTC (today)

Scan engine

Detection

Engine version

Avira AntiVirus

W32/Ramnit.A

7.11.30.172

File size:

266.1 KB (272,528 bytes)

Product version:

1,0,5,16

Original file name:

down_surf.dll

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\roaming\kanbox network\kanbox\application\bin\down_surf.dll

Digital Signature

Signed by:

Beijing LEBO infinity Technology Development CO.,LTD

Authority:

VeriSign, Inc.

Valid from:

11/23/2010 7:00:00 PM

Valid to:

11/23/2013 6:59:59 PM

Subject:

CN="Beijing LEBO infinity Technology Development CO.,LTD", OU="Beijing LEBO infinity Technology Development CO.,LTD", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Beijing LEBO infinity Technology Development CO.,LTD", L=Beijing, S=Beijing, C=CN

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

0A0D7B2932D2C6D57B85E7D753568E67

File PE Metadata

Compilation timestamp:

9/5/2012 1:11:34 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

6144:lPClKK4VnUybcZHVLpWqBek0cEgLqcVgZOVvrSP30G:YlHInUFZVLpWqMkigLrvmP3N

Entry address:

0x20C9E

Entry point:

8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, B8, 06, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, CC, FE, FF, FF, 59, 5D, C2, 0C, 00, CC, FF, 25, E0, E3, 02, 10, FF, 25, DC, E3, 02, 10, 8B, 00, 81, 38, 63, 73, 6D, E0, 74, 03, 33, C0, C3, E9, 1C, 07, 00, 00, 6A, 14, 68, 90, 95, 03, 10, E8, 28, 03, 00, 00, 83, 65, FC, 00, FF, 4D, 10, 78, 3A, 8B, 4D, 08, 2B, 4D, 0C, 89, 4D, 08, FF, 55, 14, EB, ED, 8B, 45, EC, 89, 45, E4, 8B, 45, E4, 8B, 00, 89, 45, E0, 8B, 45, E0, 81, 38, 63, 73, 6D, E0, 74, 0B, C7, 45... 
[+]

Entropy:

6.7077

Code size:

177.5 KB (181,760 bytes)

Scan down_surf.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.