» npdvrnet.dll
Overview
Analysis
File Details

npdvrnet.dll

STARIVER CIRCUITS (HK) CO., LIMTED

File name:

npdvrnet.dll

Publisher:

STARIVER CIRCUITS (HK) CO., LIMTED (signed and verified)

Version:

1.0.5.11

MD5:

b8abbcce953c611f244d2f691bd38a34

SHA-1:

84e76873e4adeee9b0cb21c0b67307680fcca402

SHA-256:

3674ead7ef8faa80f3543911f57857606ad66d3d2abebfc16c468a52561c847a

Scanner detections:

2 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

4/25/2024 9:14:38 PM UTC (today)

Scan engine

Detection

Engine version

Avira AntiVirus

TR/Crypt.CFI.Gen

7.11.30.172

F-Secure

Trojan.GenericKD.2277905

5.13.68

File size:

586.4 KB (600,440 bytes)

Product version:

1.0.5.11

Original file name:

DVRNET.dll

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Common path:

C:\windows\syswow64\npdvrnet.dll

Digital Signature

Signed by:

STARIVER CIRCUITS (HK) CO., LIMTED

Authority:

WoSign eCommerce Services Limited

Valid from:

11/27/2011 3:20:42 PM

Valid to:

11/28/2012 4:26:19 PM

Subject:

E=service@kongtop.cn, CN="STARIVER CIRCUITS (HK) CO., LIMTED", O="STARIVER CIRCUITS (HK) CO., LIMTED", L=Hongkong, S=Hongkong, C=CN

Issuer:

CN=WoSign Class 3 Code Signing CA, O=WoSign eCommerce Services Limited, C=CN

Serial number:

07CA6B39E27977

File PE Metadata

Compilation timestamp:

5/24/2012 10:46:38 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

12288:rVOLFcVJufNofhMHrEjgxtRwDi6pL3hE8XdXx7fg5QhkKY:3BfhMHrEjgxnwDi6pLtXdXdMJ

Entry address:

0x15965

Entry point:

8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 69, B5, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 51, 53, 56, 57, FF, 35, 4C, 81, 0B, 10, E8, 86, 8F, 00, 00, FF, 35, 48, 81, 0B, 10, 8B, F8, 89, 7D, FC, E8, 76, 8F, 00, 00, 8B, F0, 59, 59, 3B, F7, 0F, 82, 83, 00, 00, 00, 8B, DE, 2B, DF, 8D, 43, 04, 83, F8, 04, 72, 77, 57, E8, DA, 0C, 00, 00, 8B, F8, 8D, 43, 04, 59, 3B, F8, 73, 48, B8, 00, 08, 00, 00, 3B, F8, 73, 02, 8B, C7, 03, C7, 3B, C7, 72, 0F... 
[+]

Code size:

488.5 KB (500,224 bytes)

Scan npdvrnet.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.