» kdfinj.dll
Overview
Analysis
File Details

kdfinj.dll

k-Defense kdfinj Library

Kings Information & Network

The library kdfinj.dll, “kdfinj 39031601 R5” has been detected as malware by 6 anti-virus scanners.

File name:

kdfinj.dll

Publisher:

Kings Information & Network (signed and verified)

Product:

k-Defense kdfinj Library

Description:

kdfinj 39031601 R5

Version:

5, 3, 0, 4

MD5:

656f2d3aeaef4e2776e04e05f1a3fe5d

SHA-1:

7547d858500cd09605f10cdf75037a50978332a7

SHA-256:

b589fc1688e6311d7edd72710426115b658af9cc6fd2229b1f616204a440616c

Scanner detections:

6 / 68

Status:

Malware

Analysis date:

4/24/2024 7:37:40 AM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

Packed/Execryptor

7.1.1

Avira AntiVirus

TR/Gendal.6061206

7.11.186.130

F-Prot

W32/MalwareF.EEKU

v6.4.7.1.166

Norman

Suspicious_Gen2.QREVO

11.20161106

Rising Antivirus

PE:Trojan.Win32.Generic.15A2C577!362988919

23.00.65.161104

VIPRE Antivirus

Trojan.Win32.Generic

34844

File size:

404.1 KB (413,768 bytes)

Product version:

2009, 3, 16, 1

Original file name:

kdfinj.dll

File type:

Dynamic link library (Win32 DLL)

Common path:

C:\users\{user}\appdata\local\temp\kdfinj.dll

Digital Signature

Signed by:

Kings Information & Network

Authority:

VeriSign, Inc.

Valid from:

6/10/2008 9:00:00 AM

Valid to:

6/12/2009 8:59:59 AM

Subject:

CN=Kings Information & Network, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Kings Information & Network, L=Songpa-gu, S=Seoul, C=KR

Issuer:

CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

418BC8CDF2953EA9AD154EFB923CA265

File PE Metadata

Compilation timestamp:

3/16/2009 9:43:30 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

12288:ZkEU5UG+LkuBwRUUPBqnhloOSoqBhAsVwhW4bXB:ZkTsg2GPQP1QhA5pXB

Entry address:

0x129F6B

Entry point:

E8, 3B, FF, FF, FF, 05, B6, 06, 00, 00, FF, E0, E8, 2F, FF, FF, FF, 05, 6F, 0C, 00, 00, FF, E0, E8, CD, 00, 00, 00, 4B, 7D, 12, 10, 1F, 05, 33, 3C, 2E, 1D, 14, 07, 2A, 1D, 07, 1C, 5F, 20, 41, 23, 24, 66, 3A, 64, 72, 0E, 01, 07, 0F, 17, 01, 3D, 36, 01, 5E, 17, 3D, 3B, 01, 0A, 04, 14, 6D, 15, 12, 2A, 2A, 2C, 3A, 0A, 07, 0D, 55, 12, 11, 35, 03, 03, 03, 03, 03, 0C, 1F, 29, 08, 20, 0F, 14, 62, 4A, 2A, 8C, 09, 01, 23, 22, 60, 40, 4A, 07, 41, 29, 1D, 26, 4D, 10, 1C, 07, 22, 24, 0F, 27, 15, 0A, 24, 23, 12, 10, 14... 
[+]

Entropy:

7.4204

Code size:

72 KB (73,728 bytes)

Remove kdfinj.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.