dwmenabled.dll

MD5:
23e063e8f11ba1a2d52ce218c070adbb

SHA-1:
164e41c54165ad6465f1b837e4105403773c5af2

SHA-256:
b0adcec8a1511363af06202b72c1fb75926201353d69fa18eeacdd0b007a27f9

Scanner detections:
6 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/25/2024 9:50:19 AM UTC

Scan engine
Detection
Engine version

AVG
Win32/Heri
2015.0.3592

Bkav FE
W32.Clod84d.Trojan
1.3.0.4613

Comodo Security
UnclassifiedMalware
17614

IKARUS anti.virus
Virus.Win32.Heri
t3scan.2.2.29

Norman
Suspicious_Gen2.UDMTX
11.20140116

VIPRE Antivirus
Trojan.Win32.Generic
25450

File size:
1.5 KB (1,536 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\dwmenabled.dll

File PE Metadata
Compilation timestamp:
8/8/2011 9:27:41 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.0

CTPH (ssdeep):
12:z/R9s8iPqlQwvkvAoVzJvl04Y0T/8oeMpa7NtRSHu+RlMk/lGKVT:cJm5Bo/lrTL8oeWbxRl/lp

Entry address:
0x10C9

Entry point:
B0, 01, C3, 55, 8B, EC, 33, C0, 55, 68, F1, 10, 40, 00, 64, FF, 30, 64, 89, 20, FF, 05, 20, 11, 40, 00, 33, C0, 5A, 59, 59, 64, 89, 10, 68, F8, 10, 40, 00, C3, E9, 0A, EF, FF, FF, EB, F8, 5D, C3, 83, 2D, 20, 11, 40, 00, 01, C3, FF, 25, 08, 10, 40, 00, FF, 25, 00, 10, 40, 00, FF, 25, 04, 10, 40, 00, 00, 1E, 00, 00, 00, 00, 00, 1E, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 58, 11, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 98, 11, 00, 00, 00, 10, 00, 00, 00, 00, 00, 00, 00...
 

Entropy:
3.0353

Code size:
512 Bytes (512 bytes)
