» klastrpwdmon.dll
Overview
Analysis
File Details
Programs (1)

klastrpwdmon.dll

KLAstrPw Dynamic Link Library

Serhiy Horobets

File name:

klastrpwdmon.dll

Publisher:

Serhiy Horobets (signed and verified)

Product:

KLAstrPw Dynamic Link Library

Version:

2.95.88.0

MD5:

8ce02acd07957690705c1aa73a41663e

SHA-1:

80a669e31ec345253d7a1e34db05634606c2710e

SHA-256:

4f3e7ec1894c145b347c02480f1c7dc6010d181534d35d404db2055234d7be58

Scanner detections:

5 / 68

Status:

Clean (5 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

4/25/2024 10:23:41 PM UTC (today)

Scan engine

Detection

Engine version

Emsisoft Anti-Malware

Riskware.Win32.IEPasswordsRevealer.AMN

8.15.12.16.10

ESET NOD32

Win32/PSWTool.IEPasswordsRevealer.A potentially unsafe application

7.0.302.0

Kaspersky

not-a-virus:PSWTool.Win32.Asterisk

15.0.0.562

Trend Micro House Call

TROJ_GEN.R06H1E9

7.2.350

VIPRE Antivirus

Trojan.Win32.Generic

20736

File size:

84.3 KB (86,312 bytes)

Product version:

2.95.88.0

Original file name:

KLAstrPw.dll

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\roaming\asterisks password viewer\install\2.95.88\378d283\klastrpwdmon.dll

Digital Signature

Signed by:

Serhiy Horobets

Authority:

The USERTRUST Network

Valid from:

1/17/2010 6:00:00 PM

Valid to:

1/18/2012 5:59:59 PM

Subject:

CN=Serhiy Horobets, O=Serhiy Horobets, STREET=Sechenova st. 7a - 38, L=Kiev, S=Kiev, PostalCode=03127, C=UA

Issuer:

CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:

30E688418A082C86081E5701459AFF52

File PE Metadata

Compilation timestamp:

10/15/2011 1:55:09 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

1536:z74+krFcjF8auGKNlgMwbjrg1snnIu+nZ97Gk2qTiO6y35:z74RWRWHgpfr/bSgqTiO6

Entry address:

0x2F1E

Entry point:

8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, F3, 36, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, B8, 66, 71, 00, 10, A3, 70, 32, 01, 10, C7, 05, 74, 32, 01, 10, 5C, 68, 00, 10, C7, 05, 78, 32, 01, 10, 10, 68, 00, 10, C7, 05, 7C, 32, 01, 10, 49, 68, 00, 10, C7, 05, 80, 32, 01, 10, B2, 67, 00, 10, A3, 84, 32, 01, 10, C7, 05, 88, 32, 01, 10, DE, 70, 00, 10, C7, 05, 8C, 32, 01, 10, CE, 67, 00, 10, C7, 05, 90, 32, 01, 10, 30, 67, 00, 10, C7, 05, 94, 32, 01, 10, BC, 66... 
[+]

Entropy:

6.3686

Code size:

52.5 KB (53,760 bytes)

The file klastrpwdmon.dll has been discovered within the following program.

Asterisks Password Viewer by Keylack Software

Publisher's description - “Asterisks Password Viewer is advanced password recovery tool that allows you to see the actual password behind the asterisks. OS Windows stores your frequently used passwords, such as the passwords in Microsoft Outlook email or for an FTP account.”

www.keylack.com/asterisks-password-viewer.html

4% remove it

Scan klastrpwdmon.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.