home

esearch.dll

MD5:
1240eeb2c201f270d9dcc8da2b433765

SHA-1:
c39bbf5364ba794a3681b6ad221e258486b0a308

SHA-256:
0022b1de20ea010f03361b31a3f6f0b96fa82bb82af6263b1a3214fc5138a262

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/31/2024 9:09:22 PM UTC  (today)

File size:
52 Bytes

File type:
Dynamic link library (Win16 DLL)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\inetcache\ie\{random}\esearch.dll

File PE Metadata
Compilation timestamp:
2/24/2032 7:25:03 AM

OS version:
34240.7386

OS bitness:
Win16

Linker version:
83.136

CTPH (ssdeep):
3:TUyNiSZmRmMx5A6nFb:TUrQMx5A6nFb

Entry address:
0x32363234

Entry point:
78, 9C, 33, E4, E5, 4A, 29, 8B, 2F, 2D, E6, 74, 71, 0D, 0B, 8A, 54, F0, F4, 73, 56, 50, 88, 56, 70, 09, 53, 88, E5, F4, 8B, 0C, 76, E5, 34, B2, 32, 31, 35, 33, 34, 32, 36, 32, E0, E5, 02, 00, FA, C0, 0A, 34...
 
[+]

Entropy:
5.1714

Code size:
200.7 MB (210,498,789 bytes)

The file esearch.dll has been seen being distributed by the following URL.

http://app.incrediblecharts.com/userscripts/esearch/esearch.dll?searchstr=DEVRY US&searchonlycodes=0&searchtextoption=0&random=705751250&userid=576128&clientid_info=3232&csession=811C3010BBDCBB18E0431241FC6596FB&build=7.0.0.14&datamodulebuild=1.0.0.30&screenerisapi=/userscripts/.../fm_screening7.dll

Scan esearch.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.