home

duilib.dll

Guangxi Nanning Shengtaian E-commerce Development Co., Ltd.

Publisher:
Guangxi Nanning Shengtaian E-commerce Development Co., Ltd.  (signed and verified)

MD5:
d42df4e54cb56697b83e6894d2442db0

SHA-1:
9d62ed9dbb5256e710b57452581680e5e224c11a

SHA-256:
b098ed8e52049a572bb7148240fdc930ae91d50e03386169b17efab53cc406fe

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/19/2024 3:39:03 PM UTC  (today)

Scan engine
Detection
Engine version

Trend Micro House Call
TROJ_GEN.F47V0822
7.2.299

File size:
463.8 KB (474,936 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Program Files\musicplayer\2013811\duilib.dll

Digital Signature
Signed by:
Guangxi Nanning Shengtaian E-commerce Development Co., Ltd.

Authority:
WoSign eCommerce Services Limited

Valid from:
6/3/2013 1:48:59 PM

Valid to:
7/6/2014 1:50:32 PM

Subject:
E=kefu@shengtaian.com, CN="Guangxi Nanning Shengtaian E-commerce Development Co., Ltd.", O="Guangxi Nanning Shengtaian E-commerce Development Co., Ltd.", L=Nanning, S=Guangxi Zhuangzu Zizhiqu, C=CN

Issuer:
CN=WoSign Class 3 Code Signing CA, O=WoSign eCommerce Services Limited, C=CN

Serial number:
1BE23EE2C85B88

File PE Metadata
Compilation timestamp:
7/5/2013 9:30:21 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:lShbwaMrxRLasr7iqSctZELFKlX43vl+5KioiXC+bvn9sYgph:+8hhvdP43E5W+/gph

Entry address:
0x3C875

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 93, 47, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 6A, 0C, 68, B0, 3C, 05, 11, E8, 8C, 16, 00, 00, 6A, 0E, E8, 82, 49, 00, 00, 59, 83, 65, FC, 00, 8B, 75, 08, 8B, 4E, 04, 85, C9, 74, 2F, A1, A4, E1, 06, 11, BA, A0, E1, 06, 11, 89, 45, E4, 85, C0, 74, 11, 39, 08, 75, 2C, 8B, 48, 04, 89, 4A, 04, 50, E8, 70, CA, FF, FF, 59, FF, 76, 04, E8, 67, CA, FF, FF, 59, 83, 66, 04, 00, C7, 45, FC, FE, FF, FF, FF, E8, 0A, 00, 00, 00...
 
[+]

Entropy:
6.7384

Code size:
277.5 KB (284,160 bytes)

Scan duilib.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.