heurscan.dll

Scan heurscan.dll - Powered by Reason Core Security
Description:
peauto library

Version:
7, 0, 0, 1

MD5:
615254875ed4eba7b5e71544a252129e

SHA-1:
e04275b4f52e6ffb47c187779dca4ea88675ce85

SHA-256:
d193582cdebc20784874597f424b646a0056d9ffdee7ef0a0fcd6aba8a9773e1

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
12/4/2016 9:32:34 PM UTC  (today)

Scan engine
Detection
Engine version

Rising Antivirus
PE:Trojan.VBInject!1.64FE
23.00.65.14608

File size:
5 MB (5,241,856 bytes)

Original file name:
peauto.dll

File type:
Dynamic link library (Win64 DLL)

Language:
English (United States)

Common path:
C:\Program Files\quick heal\quick heal total security\heurscan.dll

File PE Metadata
Compilation timestamp:
6/9/2014 10:48:09 AM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
24576:8HEKSeHJgkukrWzV9HTBKwIbCU2RdggHcdoHkIyZmsH0j/jvhqf2WDSAFu6eG0Iu:3CpzXmHHyZmkDJ3

Entry address:
0x114650

Entry point:
48, 83, EC, 28, 85, D2, 48, 89, 5C, 24, 30, 48, 89, 6C, 24, 38, 48, 89, 74, 24, 40, 8B, DA, 48, 8B, E9, 49, 8B, F0, 75, 1E, 39, 15, 0B, 78, 3C, 00, 75, 59, 33, C0, 48, 8B, 74, 24, 40, 48, 8B, 6C, 24, 38, 48, 8B, 5C, 24, 30, 48, 83, C4, 28, C3, 83, FA, 01, 74, 05, 83, FA, 02, 75, 39, 48, 8B, 05, EA, 77, 3C, 00, 48, 85, C0, 74, 06, FF, D0, 85, C0, 74, 11, 4C, 8B, C6, 8B, D3, 48, 8B, CD, E8, BA, FE, FF, FF, 85, C0, 75, 16, 33, C0, 48, 8B, 74, 24, 40, 48, 8B, 6C, 24, 38, 48, 8B, 5C, 24, 30, 48, 83, C4, 28, C3...
 
[+]

Entropy:
4.3907

Code size:
1.1 MB (1,129,984 bytes)

Scan heurscan.dll - Powered by Reason Core Security