home

messagequeue.dll

Hangzhou Chuangju Technology Co.,LTD

Publisher:
Hangzhou Chuangju Technology Co.,LTD  (signed and verified)

MD5:
59eda71c7970edf455549bb97bf9961f

SHA-1:
dbd7698999a23d4499946c97f9acbc87a6ad9322

SHA-256:
487220e4f7982031669ad6247ea1bb68a5dd70c58853dc55482c309ddebb2774

Scanner detections:
3 / 68

Status:
Clean  (3 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/25/2024 10:46:56 PM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
HW32.Packed
1.3.0.6185

Comodo Security
Virus.Win32.Virut.CE
19895

Trend Micro House Call
Suspicious_GEN.F47V1024
7.2.308

File size:
183.1 KB (187,528 bytes)

File type:
Dynamic link library (Win32 DLL)

Digital Signature
Signed by:
Hangzhou Chuangju Technology Co.,LTD

Authority:
WoSign eCommerce Services Limited

Valid from:
7/18/2011 4:27:34 AM

Valid to:
7/19/2014 9:43:00 AM

Subject:
E=web@safedog.cn, CN="Hangzhou Chuangju Technology Co.,LTD", O="Hangzhou Chuangju Technology Co.,LTD", L=Hangzhou, S=Zhejiang, C=CN

Issuer:
CN=WoSign Class 3 Code Signing CA, O=WoSign eCommerce Services Limited, C=CN

Serial number:
7D81565064D7

File PE Metadata
Compilation timestamp:
9/5/2014 9:02:28 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
3072:iC71JNRl6xOaunnLmFfiod7VXgQld10hTMiRIvyE0C2XdmIQhpjhSB2BcdeEkn+o:djNv6xOaUS9FBXnfcxRIvySEsI0pjhfx

Entry address:
0x536CB

Entry point:
0F, 83, 2B, E5, FF, FF, 50, C7, 04, 24, 50, 26, 00, 41, 60, E9, 8A, 21, 00, 00, 8D, 64, 24, 04, 0F, 83, AC, 27, FF, FF, E8, 01, 5C, 00, 00, 4B, 45, 52, 4E, 45, 4C, 33, 32, 2E, 64, 6C, 6C, 00, 0A, FF, CF, F3, F5, C0, C6, C7, B4, B2, 0E, 24, 76, 43, 52, B7, 95, 1C, 30, D5, E7, F1, 70, 4D, C5, D7, 7B, 50, 47, 59, 68, 13, 81, 22, 49, 22, 09, 23, 3D, 0A, 0C, 5C, 3E, B1, 76, 3A, A8, 83, A7, A3, BB, AF, 97, A3, 87, 9B, 8B, 8B, 9F, B3, 9D, 9B, 98, B2, 5B, 7B, AF, B2, 1C, B4, 9F, 99, 6D, DA, AD, 9C, C5, EE, E4, 80...
 
[+]

Entropy:
7.9243  (probably packed)

Code size:
73.5 KB (75,264 bytes)

Scan messagequeue.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.