ocdeskband_0.dll

ocdeskband Dynamic Link Library

Pokki

The library ocdeskband_0.dll has been detected as malware by 3 anti-virus scanners.
Publisher:
Pokki  (signed and verified)

Product:
ocdeskband Dynamic Link Library

Version:
0.260.2.300

MD5:
13e3c5bd7068a25db82afae36df12098

SHA-1:
43c180df69d189fac32f3204a6bf483a677dea6f

SHA-256:
7ba80b23e5f46253cf9b61b26e191d6e9f52e0308caa3bfc8930a624cdbe5c2f

Scanner detections:
3 / 68

Status:
Malware

Analysis date:
4/19/2024 9:42:46 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Clam AntiVirus | Win.Trojan.Agent-209308 | 0.98/18155 |
| Reason Heuristics | Win64.Generic | 16.2.13.4 |
| Trend Micro House Call | TROJ_GEN.F47V0318 | 7.2.44 |

File size:
1.4 MB (1,472,344 bytes)

Product version:
0.260.2.300

Copyright:
Copyright (C) 2010-2012 - SweetLabs, Inc

Original file name:
ocdeskband.dll

File type:
Dynamic link library (Win64 DLL)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\pokki\ocdeskband_0.dll

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
2/28/2012 1:00:00 AM

Valid to:
4/26/2015 1:59:59 AM

Subject:
CN=Pokki, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Pokki, L=San Diego, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7F0C02A0B2F2B0727327296C8736183B

File PE Metadata
Compilation timestamp:
11/14/2012 5:22:09 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:UDU/V93Iu2KaKe2aW+1QCzfGWmb528nJ5WTZNj7C/a+bJ1TTjj0ltvgWk2RM:UDaV93IoaKPaW+1QCzf8I8nLGZNj7C5t

Entry address:
0x54928

Entry point:
48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 49, 8B, F8, 8B, DA, 48, 8B, F1, 83, FA, 01, 75, 05, E8, 3F, B2, 00, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, E9, AB, FE, FF, FF, CC, CC, CC, 40, 53, 48, 83, EC, 20, 48, 8B, D9, C6, 41, 18, 00, 48, 85, D2, 0F, 85, 82, 00, 00, 00, E8, E5, 87, 00, 00, 48, 89, 43, 10, 48, 8B, 90, C0, 00, 00, 00, 48, 89, 13, 48, 8B, 88, B8, 00, 00, 00, 48, 89, 4B, 08, 48, 8B, 0D, 9D, A5, 0D, 00, 48, 3B, D1, 74, 16...

Code size:
989 KB (1,012,736 bytes)
