home

libeay32.dll

The OpenSSL Toolkit

TRIORIS LLC

libeay32.dll is the libeay32.dll binary is part of the OpenSSL Project used to implement Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols for the included program and is recompiled by TRIORIS LLC. The module libeay32.dll, “OpenSSL Shared Library” by TRIORIS has been detected as a potentially unwanted program by 3 anti-malware scanners. Note, this is a common distributed file and although it has been detected it might not be a threat is un-coupled from its distribution source.
Publisher:
The OpenSSL Project, http://www.openssl.org/  (signed by TRIORIS LLC)

Product:
The OpenSSL Toolkit

Description:
OpenSSL Shared Library

Version:
1.0.1c

MD5:
552082b619ca730f641176ce17c11e58

SHA-1:
26c2a5fce62ddefbd998af91156c4559ac2f7151

SHA-256:
1ddf8d13051bd5fe08f3a51c4b579b969169f2a734635bf12bc2f60ef8e27a5c

Scanner detections:
3 / 68

Status:
Potentially unwanted

Explanation:
This is the libeay32.dll binary is part of the OpenSSL Project used to implement Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols for the included program. While the file itself is not dangerous, it is part of a program that has been detected.

Analysis date:
4/25/2024 10:50:12 PM UTC  (today)

Scan engine
Detection
Engine version

Baidu Antivirus
Adware.Win32.Trioris
4.0.3.141024

ESET NOD32
Win32/AdWare.Trioris (variant)
8.10597

Reason Heuristics
Common.OpenSSLPackaged.PUP.Optional.I
14.10.24.2

File size:
1.2 MB (1,272,480 bytes)

Product version:
1.0.1c

Copyright:
Copyright © 1998-2005 The OpenSSL Project. Copyright © 1995-1998 Eric A. Young, Tim J. Hudson. All rights reserved.

Original file name:
libeay32.dll

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\appdata\local\screentk\libeay32.dll

Digital Signature
Signed by:
TRIORIS LLC

Authority:
COMODO CA Limited

Valid from:
3/27/2013 4:00:00 AM

Valid to:
3/27/2016 3:59:59 AM

Subject:
CN=TRIORIS LLC, O=TRIORIS LLC, STREET="Griboedova str., 34, 5", L=Novosibirsk, S=Novosibirsk region, PostalCode=630000, C=RU

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00DDE431469F44EE01CD42B3680AB9990D

File PE Metadata
Compilation timestamp:
11/19/2012 5:04:31 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
8.0

CTPH (ssdeep):
24576:GT6aN9hBfxzdGOdH0E1JkBCLO/97cAV3iB9Kp1WVqhJ9TR2:GTpZ3d0ikBCLOxV3iB9Kp1WVcJ9TR2

Entry address:
0xBC0A1

Entry point:
83, 7C, 24, 08, 01, 75, 05, E8, A3, 89, 00, 00, FF, 74, 24, 04, 8B, 4C, 24, 10, 8B, 54, 24, 0C, E8, ED, FE, FF, FF, 59, C2, 0C, 00, 55, 8B, EC, 51, 56, 8B, 75, 0C, 56, E8, 74, D5, FF, FF, 89, 45, 0C, 8B, 46, 0C, A8, 82, 59, 75, 17, E8, 5F, B1, FF, FF, C7, 00, 09, 00, 00, 00, 83, 4E, 0C, 20, 83, C8, FF, E9, 2D, 01, 00, 00, A8, 40, 74, 0D, E8, 44, B1, FF, FF, C7, 00, 22, 00, 00, 00, EB, E3, 53, 33, DB, A8, 01, 74, 16, A8, 10, 89, 5E, 04, 0F, 84, 85, 00, 00, 00, 8B, 4E, 08, 83, E0, FE, 89, 0E, 89, 46, 0C, 8B...
 
[+]

Code size:
808 KB (827,392 bytes)

Remove libeay32.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.