home

esearch.dll

MD5:
18ee780d15fd937590459a7644fd1b43

SHA-1:
3bdd8a0ff2a002272f01099ddd5c6c3f59686b90

SHA-256:
62d1bd4743263888f31bce0ff4fda0cff08eb269459fc9190254e209c9550c7c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/20/2024 4:51:06 AM UTC  (today)

File size:
101 Bytes

File type:
Dynamic link library (Win64 DLL)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\esearch.dll

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
3:WbvyztTPGwdSyfj6BtE7p1O4zqxyHun:EvyzhPGd86bEF5zVHu

Entry point:
78, 9C, 33, E2, E5, 52, 49, 2C, 28, 8C, 2F, 2D, E6, 74, 8A, 0C, 72, 09, 56, 88, 76, 74, 0C, F0, 89, 55, 70, 0C, 08, F0, 71, 55, F0, F4, 73, 06, 62, 17, D7, 08, 05, 85, 68, 05, 15, C7, 80, 40, 85, 58, CE, D0, 60, 88, 90, 6B, 30, A7, 91, 95, 01, 14, 80, 4C, A9, C8, 07, 99, E2, E8, 0B, 54, ED, 16, E4, AF, 10, EC, 1A, 12, E2, E3, EA, EB, EA, 17, A2, 00, 32, 12, 62, 42, 84, 3F, 6E, 13, 00, BA, 91, 22, 4B...
 
[+]

Entropy:
6.2596

The file esearch.dll has been seen being distributed by the following URL.

http://app.incrediblecharts.com/userscripts/esearch/esearch.dll?searchstr=AAPL *&searchonlycodes=0&searchtextoption=0&random=1403331681&userid=582634&clientid_info=319682&csession=62FF6AE3CD3FAB9CC2417CA3F0E4068B&build=7.0.0.33&datamodulebuild=1.0.0.34&screenerisapi=/userscripts/.../fm_screening7.dll

Scan esearch.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.