» msimg32.dll
Overview
Analysis
File Details
Downloads (1)

msimg32.dll

The library msimg32.dll has been detected as malware by 19 anti-virus scanners. The file has been seen being downloaded from online.b1.org.

File name:

msimg32.dll

MD5:

117e28c4607e3c79a94dc337f8181790

SHA-1:

ffa871e944c10df763629b1fa1272d3092e78f29

SHA-256:

03c2408155c2f390da5a827b496e8ada3a06ee4825e324f9d77735ece5b15dd7

Scanner detections:

19 / 68

Status:

Malware

Analysis date:

4/25/2024 9:42:35 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.Generic.10034832

899

Avira AntiVirus

TR/Rogue.10034832

7.11.168.26

avast!

Win32:Malware-gen

2014.9-140819

Bitdefender

Trojan.Generic.10034832

1.0.20.1155

Bkav FE

W32.Cloda70.Trojan

1.3.0.4959

Emsisoft Anti-Malware

Trojan.Generic.10034832

8.14.08.19.11

F-Prot

W32/Tibs.Y.gen

v6.4.7.1.166

F-Secure

Trojan.Generic.10034832

11.2014-19-08_3

G Data

Trojan.Generic.10034832

14.8.24

IKARUS anti.virus

Trojan.SuspectCRC

t3scan.1.7.5.0

McAfee

Artemis!117E28C4607E

5600.7033

MicroWorld eScan

Trojan.Generic.10034832

15.0.0.693

NANO AntiVirus

Trojan.Win32.Rogue.cwmxtg

0.28.2.61721

Norman

Troj_Generic.RSRIN

11.20140819

nProtect

Trojan.Generic.10034832

14.08.19.01

Qihoo 360 Security

Win32/Trojan.ba1

1.0.0.1015

Trend Micro House Call

TROJ_GEN.R002C0EH514

7.2.231

Trend Micro

TROJ_GEN.R002C0EH514

10.465.19

VIPRE Antivirus

Trojan-Downloader.MisleadApp

32368

File size:

1.9 KB (1,936 bytes)

File type:

Dynamic link library (Win32 DLL)

File PE Metadata

Compilation timestamp:

11/19/2013 12:34:24 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.50

CTPH (ssdeep):

24:etGStgXwjUrhCONrJX1ArCywaQ3LTNUun0+chWWHiNauGAaxHseMurJ7PJMjH+B5:6WXwohpNrJXSOywaHWYAaxHrdxEzS

Entry address:

0x1000

Entry point:

55, 8B, EC, 68, 88, 12, 40, 00, 68, 54, 15, 40, 00, E8, A6, 01, 00, 00, 6A, 00, 68, 54, 17, 40, 00, 6A, 00, 68, 1F, 00, 02, 00, 6A, 00, 68, FB, 11, 40, 00, 6A, 00, 68, D0, 11, 40, 00, 68, 01, 00, 00, 80, E8, 86, 01, 00, 00, FF, 35, 88, 12, 40, 00, 68, 54, 15, 40, 00, 6A, 01, 6A, 00, 68, 02, 12, 40, 00, FF, 35, 54, 17, 40, 00, E8, 6D, 01, 00, 00, 6A, 72, 68, 15, 12, 40, 00, 6A, 01, 6A, 00, 68, 0B, 12, 40, 00, FF, 35, 54, 17, 40, 00, E8, 52, 01, 00, 00, 68, B4, 12, 40, 00, 68, A0, 12, 40, 00, E8, FB, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

1.5 KB (1,536 bytes)

The file msimg32.dll has been seen being distributed by the following URL.

http://online.b1.org/rest/online/download/Alcohol.120.v2.0.3.Build.8314_p30download.com.rar/Alcohol.120.v2.0.3.Build.8314_p30download.com/.../MSIMG32.dll

Remove msimg32.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.