» libcurl.dll
Overview
Analysis
File Details
Programs (1)

libcurl.dll

The cURL library

Taiwan Shui Mu Chih Ching Technology Limited

The file libcurl.dll, “libcurl Shared Library” by Taiwan Shui Mu Chih Ching Technology Limited has been detected as adware by 4 anti-malware scanners. This file is typically installed with the program Picexa by Taiwan Shui Mu Chih Ching Technology Limited.. It is also typically executed from the user's temporary directory.

File name:

libcurl.dll

Publisher:

The cURL library, http://curl.haxx.se/ (signed by Taiwan Shui Mu Chih Ching Technology Limited)

Product:

The cURL library

Description:

libcurl Shared Library

Version:

7.37.0

MD5:

039eaa3bedf5767c0dd193fe37822ad3

SHA-1:

4a56ba960de93e7c10d3231b243583f8d283a38d

SHA-256:

a6a39d2cd85298a3e80ca4035b3a7314bcef66a16b0dcf265492f2830e40776f

Scanner detections:

4 / 68

Status:

Adware

Analysis date:

5/3/2024 7:48:24 PM UTC (today)

Scan engine

Detection

Engine version

AVG

Generic

2016.0.3158

Bkav FE

W32.HfsAdware

1.3.0.6379

Dr.Web

Adware.Mutabaha.229

9.0.1.05190

Reason Heuristics

PUP.Thinknice

15.3.26.12

File size:

296.7 KB (303,800 bytes)

Product version:

7.37.0

?1996 - 2014 Daniel Stenberg, <daniel@haxx.se>.

Original file name:

libcurl.dll

Common path:

C:\users\{user}\appdata\local\temp\_@68dc.tmp

Digital Signature

Signed by:

Taiwan Shui Mu Chih Ching Technology Limited

Authority:

GlobalSign nv-sa

Valid from:

3/4/2015 11:26:37 AM

Valid to:

3/4/2016 11:26:37 AM

Subject:

CN=Taiwan Shui Mu Chih Ching Technology Limited, O=Taiwan Shui Mu Chih Ching Technology Limited, L=Taipei City, S=Taiwan, C=TW

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

1121003857AB2AD439A7293EF2F1A8B3DCB6

File PE Metadata

Compilation timestamp:

11/3/2014 8:39:57 AM

OS version:

6.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

6144:/I02duOBrxobCZaH1l8IOmgvBVe3Lj04Imh4HDzU0Q/N:/I0LO5+bCkwm+Ve3Lj04IS4j4V

Entry address:

0x3AA3F

Entry point:

55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, DA, 04, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 10, 68, 28, 5A, 04, 10, E8, D2, 05, 00, 00, 33, C0, 40, 8B, F0, 89, 75, E4, 33, DB, 89, 5D, FC, 8B, 7D, 0C, 89, 3D, 70, 70, 04, 10, 89, 45, FC, 85, FF, 75, 0C, 39, 3D, 00, 75, 04, 10, 0F, 84, D4, 00, 00, 00, 3B, F8, 74, 05, 83, FF, 02, 75, 38, A1, BC, 59, 04, 10, 85, C0, 74, 0E, FF, 75, 10, 57, FF, 75, 08, FF, D0, 8B, F0, 89, 75, E4, 85, F6, 0F, 84, B1, 00, 00, 00... 
[+]

Entropy:

6.5889

Developed / compiled with:

Microsoft Visual C++

Code size:

232.5 KB (238,080 bytes)

The file libcurl.dll has been discovered within the following program.

Picexa by Taiwan Shui Mu Chih Ching Technology Limited.

About 2% of users remove it

Remove libcurl.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.