home

gg.dll

MD5:
1924cc7e8121390d47cb491c219305eb

SHA-1:
d9872ee57250101c30251d6c7955d0248f19da35

SHA-256:
acf861e5f3a4ad724d6ae27050343716c2155558f7798cef176da52b56773d68

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/20/2024 3:55:25 AM UTC  (today)

Scan engine
Detection
Engine version

Total Defense
Win32/Ramnit.DW
37.1.62.1

File size:
1.8 MB (1,836,032 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\downloads\gg.dll

File PE Metadata
Compilation timestamp:
6/9/2015 9:58:58 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:e2YQZGpx53PdA5tHgbNSvEhi2gRv4P1UFvms8ERLHc46L5rsyHcpbAQm02tj7cPO:eD3MsNS8hi7vG188E9ctgbAQi8P

Entry address:
0x8084F0

Entry point:
60, E8, 00, 00, 00, 00, 5D, 81, ED, 06, 00, 00, 00, 81, ED, F0, 84, 80, 00, E9, 4C, 00, 00, 00, 45, 4E, 49, 47, 4D, 41, 04, 00, DF, 07, 06, 00, 09, 00, 0D, 00, 02, 00, 39, 00, 2B, 38, B7, FA, 92, 5E, C7, 7A, DB, F5, 6C, D8, 3E, CA, 30, 70, ED, CF, 48, B1, 02, 00, 00, 00, 9A, 2C, F9, FD, 50, AE, 4B, 30, 4F, 10, 73, E0, A0, E1, D3, AA, 1F, A4, 91, E7, 2D, 23, 31, 76, AF, 1C, A4, 81, 85, 55, 29, F8, 8A, 84, 24, 28, 00, 00, 00, 80, F8, 01, 0F, 84, 07, 00, 00, 00, 61, 33, C0, 40, C2, 0C, 00, E9, 04, 00, 00, 00...
 
[+]

Packer / compiler:
ASPack v1.08.04

Code size:
3.5 KB (3,584 bytes)

The file gg.dll has been seen being distributed by the following URL.

https://fs04n2.sendspace.com/dl/8a7c851a13b71498bbcfb9b5a518ddff/55f1ff6b7253e164/.../gg.dll

Scan gg.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.