» fr-fr.dll
Overview
Analysis
File Details
Programs (1)
Downloads (7)

fr-fr.dll

Classic Shell

IvoSoft

This is installed with Classic Shell. The file has been seen being downloaded from download899.mediafire.com and multiple other hosts.

File name:

fr-fr.dll

Publisher:

IvoSoft

Product:

Classic Shell

Description:

fr-FR

Version:

4, 0, 5, 1

MD5:

2941bd6f6fcce9078c41b1e5b44d894d

SHA-1:

93bf789ba87db3f9844941ec136e859c90783463

SHA-256:

807d989ece94050d5764e04862b8e8a8b976584a3a36a36a4f93e87df17299eb

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/19/2024 10:32:25 PM UTC (today)

File size:

167 KB (171,008 bytes)

Product version:

4, 0, 5, 1

Original file name:

fr-FR

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\fr-fr.dll

File PE Metadata

Compilation timestamp:

10/5/2013 3:33:27 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

768:2/MKPffDs+TiCAwlQ0oGTaatgrk14zi6Jq7DZf27kQPNxCwFlMDkKbvKeB4foomb:2bfw+wwlQbatUJq7D4BB4RxDUdGr

Entry address:

0x1233

Entry point:

8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 09, 16, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 56, FF, 35, 04, A0, 00, 10, 8B, 35, 10, 80, 00, 10, FF, D6, 85, C0, 74, 21, A1, 00, A0, 00, 10, 83, F8, FF, 74, 17, 50, FF, 35, 04, A0, 00, 10, FF, D6, FF, D0, 85, C0, 74, 08, 8B, 80, F8, 01, 00, 00, EB, 27, BE, 2C, 81, 00, 10, 56, FF, 15, 08, 80, 00, 10, 85, C0, 75, 0B, 56, E8, 29, 07, 00, 00, 59, 85, C0, 74, 18, 68, 1C, 81, 00, 10, 50, FF, 15, 0C... 
[+]

Code size:

25 KB (25,600 bytes)

The file fr-fr.dll has been discovered within the following program.

Classic Shell by IvoSoft

Publisher's description - “Classic Shell is a collection of features that were available in older versions of Windows but are removed from Vista and Windows 7. It has a classic start menu for Windows 7. It adds a toolbar for Windows Explorer and supports a variety of smaller features.”

classicshell.sourceforge.net

8% remove it

The file fr-fr.dll has been seen being distributed by the following 7 URLs.

http://download899.mediafire.com/rq8akjq1vymg/.../fr-FR.dll

http://download1605.mediafire.com/2muk0h2uq3dg/.../fr-FR.dll

http://download1605.mediafire.com/b469ikbl484g/.../fr-FR.dll

http://download899.mediafire.com/f90bta1sb51g/.../fr-FR.dll

http://download899.mediafire.com/f8dccppx5cug/.../fr-FR.dll

http://download899.mediafire.com/qmy1q2bmnmwg/.../fr-FR.dll

http://download1605.mediafire.com/1py7ycb8fjjg/.../fr-FR.dll

Scan fr-fr.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.