» ldr.dll
Overview
Analysis
File Details

ldr.dll

Paraben's Device Seizure

Paraben Corporation

File name:

ldr.dll

Publisher:

Paraben Corporation (signed and verified)

Product:

Paraben's Device Seizure

Description:

Paraben's Loader (EKV)

Version:

3.0.4702.34592

MD5:

f1df99bc18f5d97dbb23112d9b270a16

SHA-1:

a8fbbb4f0f7e3370b48cd18652b87701a7a0d128

SHA-256:

3f8680336b529deb73ca8d84630fc613ee6e4d8d17333d95970a0bf9099bcdfd

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/26/2024 10:38:35 PM UTC (today)

File size:

1.2 MB (1,252,760 bytes)

Product version:

3.0.4702.34592

Original file name:

ldr.dll

File type:

Dynamic link library (Win32 DLL)

Language:

Language Neutral

Digital Signature

Signed by:

Paraben Corporation

Authority:

GlobalSign nv-sa

Valid from:

10/13/2011 8:21:34 PM

Valid to:

11/12/2013 8:21:34 PM

Subject:

E=Rob@paraben.com, CN=Paraben Corporation, O=Paraben Corporation, L=Pleasant Grove, S=Utah, C=US

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

11215225011602683F59B6F214BB83FBDF67

File PE Metadata

Compilation timestamp:

11/16/2012 12:10:26 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

24576:xAF5ApmK1qLV0Grdq6YM/cp8vHzrH1omuAv16k5Sa8zZpci7wWBUQG40d/Xl9:xAspmak5rE305im516k8Zpf790519

Entry address:

0x323000

Entry point:

83, EC, 04, 50, 53, E8, 01, 00, 00, 00, CC, 58, 89, C3, 40, 2D, 00, 30, 0F, 00, 2D, CF, EB, DB, 04, 05, C4, EB, DB, 04, 80, 3B, CC, 75, 19, C6, 03, 00, BB, 00, 10, 00, 00, 68, EA, F0, BF, 41, 68, 19, 53, A8, 53, 53, 50, E8, 0A, 00, 00, 00, 83, C0, 00, 89, 44, 24, 08, 5B, 58, C3, 55, 89, E5, 50, 53, 51, 56, 8B, 75, 08, 8B, 4D, 0C, C1, E9, 02, 8B, 45, 10, 8B, 5D, 14, 85, C9, 74, 0A, 31, 06, 01, 1E, 83, C6, 04, 49, EB, F2, 5E, 59, 5B, 58, C9, C2, 10, 00, 5A, 4D, 00, 92, DE, 0E, 77, C4, 95, 69, 78, 71, 5C, E7... 
[+]

Entropy:

7.9347 (probably packed)

Code size:

600.5 KB (614,912 bytes)

Scan ldr.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.