» esearch.dll
Overview
Analysis
File Details
Downloads (2)

esearch.dll

File name:

esearch.dll

MD5:

b9a2fce02c9a77a6a67c9dac7c31bb6c

SHA-1:

5dce2bfc713238a2c20451cd8704bca480b9d4e5

SHA-256:

829d885fcec62c8f69c6b06a2b779880ed2e1bed70a1f02c0bf74e948856b3b6

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

5/31/2024 9:41:28 AM UTC (today)

File size:

11 Bytes

File type:

Dynamic link library (Win16 DLL)

Common path:

C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\esearch.dll

File PE Metadata

OS bitness:

Win16

Entry point:

78, 9C, 33, E0, E5, 02, 00, 00, B7, 00, 48... 
[+]

Entropy:

3.0272

Packer / compiler:

RLPack FullEdition V1.1X

The file esearch.dll has been seen being distributed by the following 2 URLs.

http://app.incrediblecharts.com/userscripts/esearch/esearch.dll?searchstr=CHINERE US&searchonlycodes=0&searchtextoption=0&random=1351863260&userid=576128&clientid_info=3232&csession=6AEDF56C723988CF1AC4E54820443DFC&build=7.0.0.14&datamodulebuild=1.0.0.30&screenerisapi=/userscripts/.../fm_screening7.dll

http://app.incrediblecharts.com/userscripts/esearch/esearch.dll?searchstr=AAPL US *&searchonlycodes=0&searchtextoption=0&random=1773188000&userid=582634&clientid_info=319682&csession=62FF6AE3CD3FAB9CC2417CA3F0E4068B&build=7.0.0.33&datamodulebuild=1.0.0.34&screenerisapi=/userscripts/.../fm_screening7.dll

Scan esearch.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.