home

libssl32.dll

The OpenSSL Toolkit

Shenzhen Weiaipu Information Technology Co., Ltd.

ssleay32.dll is the libssl32.dll binary is part of the OpenSSL Project used to implement Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols for the included program and is recompiled by Shenzhen Weiaipu Information Technology Co., Ltd.. The file has been seen being downloaded from 220.243.228.89 and multiple other hosts.
Publisher:
The OpenSSL Project, http://www.openssl.org/  (signed by Shenzhen Weiaipu Information Technology Co., Ltd.)

Product:
The OpenSSL Toolkit

Description:
OpenSSL Shared Library

Version:
0.9.8k

MD5:
01a06febdc2fd87da73ff1944f13627e

SHA-1:
b67aab1e8198ac50f330f9cd58cd29b7fb7c6267

SHA-256:
e1b39abaaa2e009102e0802da7b8e438aa5189ed75b4d047b73f8c7bdb47f759

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/17/2024 12:14:38 AM UTC  (today)

File size:
201.9 KB (206,704 bytes)

Product version:
0.9.8k

Copyright:
Copyright © 1998-2007 The OpenSSL Project. Copyright © 1995-1998 Eric A. Young, Tim J. Hudson. All rights reserved.

Original file name:
ssleay32.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\3utools\files\patchtools\libssl32.dll

Digital Signature
Signed by:
Shenzhen Weiaipu Information Technology Co., Ltd.

Authority:
GlobalSign nv-sa

Valid from:
10/27/2015 1:10:00 PM

Valid to:
10/27/2016 1:10:00 PM

Subject:
CN="Shenzhen Weiaipu Information Technology Co., Ltd.", O="Shenzhen Weiaipu Information Technology Co., Ltd.", L=Shenzhen, S=Guangdong, C=CN

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121BF567E7ECFBF9C01390F0CC8231DDC82

File PE Metadata
Compilation timestamp:
3/27/2009 9:50:50 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
9.0

CTPH (ssdeep):
6144:40xZEwjjOxskUihW1Wz1Uz3K/OWnAshBNJv5EKwJvr:40xrBkUihSWzaGmVshBN8KAr

Entry address:
0x248FA

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 40, 04, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, CC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 70, F5, 02, 10, 89, 0D, 6C, F5, 02, 10, 89, 15, 68, F5, 02, 10, 89, 1D, 64, F5, 02, 10, 89, 35, 60, F5, 02, 10, 89, 3D, 5C, F5, 02, 10, 66, 8C, 15, 88, F5, 02, 10, 66, 8C, 0D, 7C, F5, 02, 10, 66, 8C, 1D, 58, F5, 02, 10, 66, 8C, 05, 54, F5, 02, 10, 66, 8C, 25, 50, F5, 02, 10, 66, 8C, 2D, 4C, F5, 02, 10, 9C, 8F, 05, 80, F5...
 
[+]

Entropy:
6.5201

Code size:
144 KB (147,456 bytes)

The file libssl32.dll has been seen being distributed by the following 5 URLs.

http://220.243.228.89/d.updater.3u.com/3utools/3utools/update_files/files/.../01A06FEBDC2FD87DA73FF1944F13627E.dll?wsiphost=local

http://180.180.248.169/d.updater.3u.com/3utools/3utools/update_files/files/.../01A06FEBDC2FD87DA73FF1944F13627E.dll

http://d.updater.3u.com/3utools/3utools/update_files/files/.../01A06FEBDC2FD87DA73FF1944F13627E.dll

http://58.26.7.184/d.updater.3u.com/3utools/3utools/update_files/files/.../01A06FEBDC2FD87DA73FF1944F13627E.dll

http://180.180.248.169/d.updater.3u.com/3utools/3utools/update_files/files/.../01A06FEBDC2FD87DA73FF1944F13627E.dll?wsiphost=ipdb

Scan libssl32.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.