» oaevent.dll
Overview
Analysis
File Details
Behaviors (1)

oaevent.dll

Online Armor Security Suite

Tall Emu

File name:

oaevent.dll

Publisher:

Tall Emu (signed and verified)

Product:

Online Armor Security Suite

Version:

2.1.0.119

MD5:

b3166fb5a8a1a8a397353365d81d708b

SHA-1:

e7a89aff00f6409e8c6e4b31fa6ba9bc9f73b818

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

4/24/2024 1:02:28 AM UTC (today)

Scan engine

Detection

Engine version

Prevx

Heuristic: Suspicious Self Modifying File

3.0.7

File size:

655.7 KB (671,432 bytes)

Product version:

2.1.0.0

File type:

Dynamic link library (Win32 DLL)

Language:

Rosyjski

Common path:

C:\Program Files\tall emu\online armor\oaevent.dll

Digital Signature

Signed by:

Tall Emu

Authority:

GlobalSign nv-sa

Valid from:

2/25/2008 5:55:39 PM

Valid to:

2/25/2010 5:55:39 PM

Subject:

E=support@tallemu.com, CN=Tall Emu, O=Tall Emu, C=AU

Issuer:

CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:

010000000001185185634A

Registration

CLSIDs:

{4F07DA45-8170-4859-9B5F-037EF2970034}, {4F07DA46-8170-4859-9B5F-037EF2970034}

ProgID:

oaevent.TOAShell

COM registered:

Yes

File PE Metadata

Compilation timestamp:

6/20/1992 12:22:17 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

12288:IiaC2DbvuHILjhz60bwDqbc7GLhlNAsy1g6c//////TNhultGaBZJQExXwU:9yQ6h6I9c7GLK5c//////TbulcaBZJQ+

Entry address:

0x8D4F4

Entry point:

55, 8B, EC, 83, C4, C4, B8, 6C, D1, 48, 00, E8, AC, 91, F7, FF, B9, FC, D0, 48, 00, B2, 01, A1, F4, 5B, 46, 00, E8, EB, 8A, FD, FF, A3, 60, 43, 49, 00, 33, D2, A1, 60, 43, 49, 00, E8, 02, 90, FD, FF, E8, 69, 6B, F7, FF, 90, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

561.5 KB (574,976 bytes)

Approved Shell Extension

Name:

Online Armor Shell Extension

CLSID:

{4F07DA46-8170-4859-9B5F-037EF2970034}

CLSID name:

Online Armor diagnostics file

Scan oaevent.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.