» downloader.dll
Overview
Analysis
File Details

downloader.dll

Bexley Holdings Limited

File name:

downloader.dll

Publisher:

Bexley Holdings Limited (signed and verified)

MD5:

df92973e22f5c1a6cb6de38df648ea2e

SHA-1:

7e6117df0f6f29e4cd299ce3a84242bb97ab96a4

SHA-256:

39374709cacefbeb38ba258883f12cd62e2a75d3be4c6451a92c57c840706440

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/25/2024 8:52:56 PM UTC (today)

File size:

4.6 MB (4,847,240 bytes)

File type:

Dynamic link library (Win32 DLL)

Common path:

C:\users\{user}\appdata\local\temp\downloader.dll

Digital Signature

Signed by:

Bexley Holdings Limited

Authority:

COMODO CA Limited

Valid from:

1/2/2013 2:00:00 AM

Valid to:

1/3/2014 1:59:59 AM

Subject:

CN=Bexley Holdings Limited, O=Bexley Holdings Limited, POBox=364, STREET=60 Market Square, L=Belize, S=Belize, PostalCode=0000, C=BZ

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00F1DF82285A8FDE38FCD65A33AAEFC46B

File PE Metadata

Compilation timestamp:

4/4/2013 11:19:22 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.23

CTPH (ssdeep):

98304:VF3egztsjJ8yM4Abvtidth773bqZFAax+U5AWPukGBAUZL83tUFAFvK:LugztsjJM4AbvUnh773tax+U5AcGVKq

Entry address:

0x1060

Entry point:

83, EC, 2C, 89, 5C, 24, 20, 8B, 5C, 24, 34, 89, 74, 24, 24, 8B, 74, 24, 30, 89, 7C, 24, 28, 8B, 7C, 24, 38, 83, FB, 01, 74, 44, 89, 7C, 24, 08, 89, 5C, 24, 04, 89, 34, 24, E8, F0, 6E, 22, 00, 83, EC, 0C, 85, DB, 75, 1B, 8B, 15, 00, 40, 2C, 65, 85, D2, 0F, 84, 8B, 00, 00, 00, 89, 44, 24, 1C, E8, 52, FF, FF, FF, 8B, 44, 24, 1C, 8B, 5C, 24, 20, 8B, 74, 24, 24, 8B, 7C, 24, 28, 83, C4, 2C, C2, 0C, 00, C7, 04, 24, 80, 00, 00, 00, E8, F0, 42, 23, 00, 85, C0, A3, 00, 40, 2C, 65, 74, 5E, C7, 00, 00, 00, 00, 00, A3... 
[+]

Entropy:

6.6242

Code size:

2.5 MB (2,662,400 bytes)

Scan downloader.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.