elock.dll

Shanghai Tuizhong Network Technology Studio

The module elock.dll by Shanghai Tuizhong Network Technology Studio has been detected as a potentially unwanted program by 2 anti-malware scanners.
Publisher:

MD5:
1911c28a9af0c3ad16a3e62f95cf8b23

SHA-1:
2073585e1e3f0d562a9758738c12bf86d38ed6fe

SHA-256:
bb1978ef78adb3c7069f0391f4940ab175e2bddd78e7e0d9b85b3c37253b01c7

Scanner detections:
2 / 68

Status:
Potentially unwanted

Analysis date:
4/26/2024 8:26:50 AM UTC

Scan engine | Detection | Engine version
Comodo Security | Virus.Win32.Virut.CE | 16052
Reason Heuristics | Adware.Downloader.STN.Meta (M) | 16.3.2.22

File size:
382.9 KB (392,096 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Program Files\niudun\elock.dll

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
5/7/2012 8:00:00 AM

Valid to:
5/8/2013 7:59:59 AM

Subject:
CN=Shanghai Tuizhong Network Technology Studio, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Shanghai Tuizhong Network Technology Studio, L=Shanghai, S=Shanghai, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
168C50E807302FBEE40FD964EF54E7FA

File PE Metadata
Compilation timestamp:
3/10/2013 5:42:52 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:uyXWLuxLqmcerO8/vudEM5IlqLZPVvvU/kBvBPAmuCC9IlsVmgLaGLk:uyXwuxLqe5HOelmBUYqm7IUgh

Entry address:
0xCF9FF

Entry point:
68, A9, E0, 63, D9, C7, 04, 24, BC, 70, C7, FC, E8, 87, 39, FB, FF, E8, 08, 37, FB, FF, B8, 14, CA, BA, F5, 74, EB, 1B, 6C, 8E, B6, 32, 56, F2, 5F, 6B, ED, 10, E9, 2B, 9D, 2F, B1, 33, 79, 29, 23, 8F, 15, 9F, 1D, 8F, 25, F5, BD, 32, 51, 57, 33, 7F, BA, 46, 28, B4, F9, A1, 4B, 71, 33, C5, E3, 30, 18, 0F, D9, C6, 24, 2B, 6E, 70, 0E, 1C, 51, 1D, DF, B1, 33, 25, F7, B0, 60, CC, 99, 90, 89, 47, E0, A5, 0C, CF, 28, 18, E2, ED, 12, 88, 4F, 19, 69, 05, C4, 07, DC, 0E, C2, A5, CD, 4E, DD, 23, BC, 45, 1F, 61, E9, 50...
 

Entropy:
7.7974  (probably packed)

Code size:
184 KB (188,416 bytes)
