home

etpdfsign.dll

MD5:
64d100c0e9999713ca10b4a1cbd209c8

SHA-1:
e2795e274f82bf8aac4904745fe8aead55691793

SHA-256:
d75bacf1b9a8333c96991a2240a54877960ed09081ae9d41954200fee5acfcfc

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
5/1/2024 6:04:35 AM UTC  (today)

Scan engine
Detection
Engine version

F-Secure
Win32.Ramnit.N
5.05.7110

File size:
440.8 KB (451,360 bytes)

File type:
Dynamic link library (Win64 DLL)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\etpdfsign.dll

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
6144:3VcWoeP8kyJvXHZ3NH19T7EsoBptsk8KZ/4vReRWR4/WJ2N5efWRexigtvQWY5VF:3LK5HohskJAJel/j6fWgxx47Tuq

Entry point:
54, 56, 71, 51, 41, 41, 4D, 41, 41, 41, 41, 45, 41, 41, 41, 41, 2F, 2F, 38, 41, 41, 4C, 67, 41, 41, 41, 41, 41, 41, 41, 41, 41, 51, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 0A, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 38, 41, 41, 41, 41, 41, 34, 66, 75, 67, 34, 41, 74, 41, 6E, 4E, 49, 62, 67, 42, 54, 4D, 30, 68, 56, 47, 68, 70, 63, 79, 42, 77, 63, 6D, 39, 6E, 63, 6D, 46, 74, 49, 47, 4E, 68, 62, 6D, 35...
 
[+]

The file etpdfsign.dll has been seen being distributed by the following 2 URLs.

https://www.firma.infocert.it/.../etpdfsign.dll

https://www.firma.infocert.it/.../etpdfsign.dll

Scan etpdfsign.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.