home

m16l.dll

m16l

http://war3.m16online.com/

Publisher:
http://war3.m16online.com/

Product:
m16l

Description:
M16 Luancher

Version:
1.3.0.0

MD5:
13451c390a36cc3bb4292e060c0f858d

SHA-1:
6f1b6ecd011f7bbaff0a1ad76d082a93e1f6fd98

SHA-256:
8519bb3f266a30e988062f893ff6d14be057e2214b9ee0822d98ddef57700aaa

Scanner detections:
4 / 68

Status:
Clean  (4 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/25/2024 2:40:21 PM UTC  (today)

Scan engine
Detection
Engine version

Baidu Antivirus
Hacktool.Win32.Packed.Themida
4.0.3.15124

Bkav FE
HW32.Packed
1.3.0.7383

ESET NOD32
Win32/Packed.Themida suspicious application
7.0.302.0

Rising Antivirus
PE:Malware.Generic/QRS!1.9E2D [F]
23.00.65.151027

File size:
1.6 MB (1,681,408 bytes)

Product version:
1.3.0.0

Copyright:
(c) 2008-2011 Keres / Rupan / phatdeeva / rippi

Original file name:
m16l.dll

File type:
Dynamic link library (Win32 DLL)

File PE Metadata
Compilation timestamp:
10/17/2015 5:37:22 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
49152:nEDLh4Z1v1mnexnqvhzmUbOURdxiVdh9117MV:EHhGdUUnqJzLb7Pi9z17

Entry address:
0x434000

Entry point:
EB, 08, 0F, 86, 19, 00, 00, 00, 00, 00, E9, 00, 20, 00, 00, 54, 41, 47, 47, 00, 20, 00, 00, 0E, 1B, 00, 00, 01, 00, 30, 82, 1B, 0A, 06, 09, 2A, 86, 48, 86, F7, 0D, 01, 07, 02, A0, 82, 1A, FB, 30, 82, 1A, F7, 02, 01, 01, 31, 09, 30, 07, 06, 05, 2B, 0E, 03, 02, 1A, 30, 82, 0F, 20, 06, 09, 2A, 86, 48, 86, F7, 0D, 01, 07, 01, A0, 82, 0F, 11, 04, 82, 0F, 0D, D0, 00, 01, 00, 01, C1, B1, A1, 02, 00, 03, 00, 08, 00, 00, 00, 26, 00, 00, 00, 01, 00, 62, A9, 4C, 72, 0C, 63, 8D, E6, 43, 24, F7, 67, C2, AD, 9D, 40, 58...
 
[+]

Entropy:
7.9491  (probably packed)

Code size:
26.5 KB (27,136 bytes)

The file m16l.dll has been seen being distributed by the following 2 URLs.

https://mail.naver.com/file/download/.../?mailSN=1872&attachIndex=2&virus=1&domain=mail.naver.com&u=wnsdl7701

http://blogattach.naver.net/70e56cdfc49d94486686ebd3ed0e740caff805e593/20131217_181_blogfile/.../m16l.dll

Scan m16l.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.