home

ntdll.dll

Microsoft Windows Operating System

上海速域网络科技有限公司

Publisher:
Microsoft Corporation  (signed by 上海速域网络科技有限公司)

Product:
Microsoft(R) Windows(R) Operating System

Description:
NT Layer DLL

Version:
5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)

MD5:
4ea0e852c3e3a5bb95cc6f2641f57662

SHA-1:
1f61cc477cbd390e3af2644beaa6ba3fc05a4a4d

SHA-256:
733f642698e464e47e45af840f403a66ac17f8489d2f6c25837599e3e5464a9a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
8/5/2025 5:37:55 PM UTC  (today)

File size:
589.1 KB (603,288 bytes)

Product version:
5.1.2600.5755

Copyright:
(C) Microsoft Corporation. All rights reserved.

Original file name:
ntdll.dll

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Program Files\扂腔岍賜\z8\ntdll.dll

Digital Signature
Signed by:
上海速域网络科技有限公司

Authority:
WoSign CA Limited

Valid from:
11/12/2014 10:29:36 AM

Valid to:
11/12/2015 10:29:36 AM

Subject:
CN=上海速域网络科技有限公司, O=上海速域网络科技有限公司, L=上海市, S=上海市, C=CN

Issuer:
CN=WoSign Class 3 Code Signing CA, O=WoSign CA Limited, C=CN

Serial number:
225608F57352B30107CEE9379DAB94F2

File PE Metadata
Compilation timestamp:
2/9/2009 6:52:42 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
7.10

CTPH (ssdeep):
12288:aL6HQcPNQUpBMbZuzWyXnyoZVwA1cQORD5ZMwLkfRlH+35fMi9//:amQcPNQ4SphLkpU3b9//

Entry address:
0x12C48

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 0F, 84, A3, F6, 00, 00, 33, C0, 40, 5D, C2, 0C, 00, 90, 90, 90, 90, 90, 6A, 14, 68, 08, 2D, 93, 7C, E8, 5C, BC, FF, FF, 8A, 1D, C0, E1, 99, 7C, 8B, 75, 0C, 33, D2, 3B, F2, 0F, 85, F8, 16, 02, 00, 8B, 7D, 10, 3B, FA, 74, 02, 89, 17, 8B, 4D, 08, F7, C1, FC, FF, FF, FF, 0F, 85, 1C, BB, 02, 00, 3B, FA, 0F, 84, 2D, BB, 02, 00, 8B, C1, 83, E0, 02, 0F, 85, D4, 16, 02, 00, 84, DB, 75, 4A, 33, DB, 43, 84, CB, 0F, 84, 82, 1D, 00, 00, 68, 78, E1, 99, 7C, 3B, C2, 0F, 85, 97, 17, 02...
 
[+]

Entropy:
6.8760

Code size:
496.5 KB (508,416 bytes)

Scan ntdll.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.