home

installoptions.dll

Shanda Games

Publisher:
Shanda Games  (signed and verified)

MD5:
849a80c233a3f5c66e4f59b358731c98

SHA-1:
1173df705451a4d2be5aa047e3e2c9660ac31a73

SHA-256:
c7631d37473f874b435e28051689028c675e16b313b257e1283236ece55fe0cf

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/16/2024 12:32:16 PM UTC  (today)

File size:
20.8 KB (21,304 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\installoptions.dll

Digital Signature
Signed by:
Shanda Games

Authority:
VeriSign, Inc.

Valid from:
11/25/2010 4:00:00 PM

Valid to:
11/25/2013 3:59:59 PM

Subject:
CN=Shanda Games, OU=Netwrok Security, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Shanda Games, L=ShangHai, S=ShangHai, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
022893618A1DFA73D66C50FE4EE6DE61

File PE Metadata
Compilation timestamp:
4/29/2011 7:43:30 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
384:SzWQ5UM3lJzstMy4kVJxjCfzLjRU4jnYPLJOhXeMQf:q5zEey4MWfdUkaf

Entry address:
0x1CE7

Entry point:
8B, 44, 24, 04, A3, E4, 62, 00, 10, 33, C0, 40, C2, 0C, 00, 56, 8B, 74, 24, 08, 57, 33, FF, 39, 3E, 74, 1B, 8B, C6, FF, 30, FF, 74, 24, 14, FF, 15, 6C, 30, 00, 10, 85, C0, 74, 10, 47, 8D, 04, FE, 83, 38, 00, 75, E7, 33, C0, 5F, 5E, C2, 08, 00, 8B, 44, FE, 04, EB, F5, 53, 55, 56, 8B, 74, 24, 14, 57, 33, ED, 8B, FE, 8A, 1E, 80, FB, 7C, 74, 0F, 84, DB, 74, 0B, 56, FF, 15, 00, 31, 00, 10, 8B, F0, EB, EA, 57, FF, 74, 24, 18, C6, 06, 00, E8, 9D, FF, FF, FF, 0B, E8, 88, 1E, 84, DB, 74, 03, 46, EB, D0, 5F, 5E, 8B...
 
[+]

Entropy:
6.3809

Code size:
7 KB (7,168 bytes)

Scan installoptions.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.