home

gcrypto.dll

Cong ty dau tu va phat trien cong nghe thong tin

Publisher:
Cong ty dau tu va phat trien cong nghe thong tin  (signed and verified)

MD5:
c51324c9fb621483ae0fa1b04f68ffe9

SHA-1:
0df9ee88536018275aecfb4390565113a4e9f932

SHA-256:
6b49e01ec3850f2e3027a5014c382b378f45c6da61fe58cc66eb582b0f3bb56f

Scanner detections:
3 / 68

Status:
Clean  (3 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/19/2024 8:20:14 AM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Packed/PECompact
7.1.1

Bkav FE
HW32.CDB
1.3.0.4959

Trend Micro House Call
Suspicious_GEN.F47V0702
7.2.201

File size:
107.3 KB (109,896 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Program Files\vtcgame\dot kich\gplib\gcrypto.dll

Digital Signature
Signed by:
Cong ty dau tu va phat trien cong nghe thong tin

Authority:
VeriSign, Inc.

Valid from:
7/30/2013 7:00:00 AM

Valid to:
8/26/2015 6:59:59 AM

Subject:
CN=Cong ty dau tu va phat trien cong nghe thong tin, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Cong ty dau tu va phat trien cong nghe thong tin, L=Hanoi, S=Hanoi, C=VN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
2F318FA88A92CCE830CC187023EC0B36

File PE Metadata
Compilation timestamp:
7/2/2014 10:42:55 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
3072:kLCaMKYIvgnNJwpA4gBHOT/K24lmzueUa8V0:YCNKYIvgnNJwpwKK2Hzuy8a

Entry address:
0x14B06

Entry point:
B8, 6C, 70, 04, 10, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 0E, 85, AA, 16, 4E, 6F, FA, A7, AE, 51, 10, 26, 3F, 81, 25, 8D, 55, E0, 99, 33, F6, 1D, 04, 24, B0, F5, 7E, 1E, 5F, F8, 5C, 1B, 9D, BB, B5, FE, 24, 58, 42, 71, 2A, 3D, 35, FD, 5B, 91, 4A, 87, A9, DD, F2, 0C, 41, F7, 19, ED, B3, 46, 34, 67, 2A, DE, D8, 87, DE, B1, EB, 95, 5E, E1, B5, 11, 56, A3, 6B, 66, F1, 8B, 2D, 14, D1, 3A, 2B, BF, FD, 0F, 78, A2, 85, B4, B1, D6, 1A...
 
[+]

Packer / compiler:
PECompact v2

Code size:
172 KB (176,128 bytes)

Scan gcrypto.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.