home

esearch.dll

MD5:
8f29f379252c01c09b31c0f66c2675cc

SHA-1:
43189f17dcdd314bbc4d18ca2e9e200260b3dc55

SHA-256:
f648e24269afd240bfd695a76be9e2c78b2215759c4c6e825a03968d0ae8c9e4

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/20/2024 3:14:19 AM UTC  (today)

File size:
88 Bytes

File type:
Dynamic link library (Win64 DLL)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\esearch.dll

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
3:Y0rah0kVy5FvlPpPr6+BZ6/A:vraW9PpP2gE/A

Entry point:
78, 9C, 33, E2, E5, 4A, 4C, 2C, C8, 89, 4F, AA, E0, 74, 0C, 08, F0, 71, 55, 50, 88, 56, 70, 74, 0C, F0, 51, 88, E5, 0C, 0D, 56, 08, 72, 75, F4, D1, 0D, F1, F4, 75, 55, D0, 70, 72, 0C, 09, 56, 70, 8A, 8A, D0, E4, 34, B2, 32, 35, 35, 31, 31, 32, 30, 34, 80, EA, 2D, 2D, 86, EA, F5, F4, 73, 46, D2, EF, E7, 18, EC, E2, 18, 88, A2, 1C, 00, 08, AF, 1A, A5...
 
[+]

Entropy:
5.7120

The file esearch.dll has been seen being distributed by the following URL.

http://app.incrediblecharts.com/userscripts/esearch/esearch.dll?searchstr=aapl *&searchonlycodes=1&searchtextoption=0&random=1470352258&userid=582634&clientid_info=319682&csession=62FF6AE3CD3FAB9CC2417CA3F0E4068B&build=7.0.0.33&datamodulebuild=1.0.0.34&screenerisapi=/userscripts/.../fm_screening7.dll

Scan esearch.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.