home

openlibeay32.dll

The OpenSSL Toolkit

OOO Russkie Internet Reshenija

libeay32.dll is the OpenSSL Toolkit used to implement Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols for the included program. SSLeay is designed to provide cryptographic support functionality for SSL connections and is recompiled by OOO Russkie Internet Reshenija. The library openlibeay32.dll, “OpenSSL Shared Library” by OOO Russkie Internet Reshenija has been known to be a potentially unwanted program that has been detected by 1 anti-malware scanner. Although a detection has been made for this resource, it is generally a commonly distributed 3rd-party library and is typically safe by itself.
Publisher:
The OpenSSL Project, http://www.openssl.org/  (signed by OOO Russkie Internet Reshenija)

Product:
The OpenSSL Toolkit

Description:
OpenSSL Shared Library

Version:
1.0.1e

MD5:
38acb6d0e7898d5c78285ed3cc8c2815

SHA-1:
5df11f9179bf22e0103ee86471e5f9d1b2a8606d

SHA-256:
30dfdc5fce3365c50a59918674c11d840e3287a809c3a46f9479c9cdc8f38ac7

Scanner detections:
1 / 68

Status:
Inconclusive but possibly unwanted  (It is part of a common redistributable library)

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
4/25/2024 1:13:06 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Common.OpenSSLPackaged.PUP.OOORusskieInternetReshenija (M)
15.6.30.6

File size:
1.1 MB (1,178,496 bytes)

Product version:
1.0.1e

Copyright:
Copyright © 1998-2005 The OpenSSL Project. Copyright © 1995-1998 Eric A. Young, Tim J. Hudson. All rights reserved.

Original file name:
libeay32.dll

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\appdata\roaming\4talk\libs\openlibeay32.dll

Digital Signature
Signed by:
OOO Russkie Internet Reshenija

Authority:
Thawte, Inc.

Valid from:
12/29/2012 4:00:00 AM

Valid to:
2/28/2015 3:59:59 AM

Subject:
CN=OOO Russkie Internet Reshenija, OU=IT Department, O=OOO Russkie Internet Reshenija, L=Moscow, S=Moscow, C=RU

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
70E974F1D705599BD16FE4CFA4DA84A9

File PE Metadata
Compilation timestamp:
10/31/2013 12:58:54 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
9.0

CTPH (ssdeep):
24576:+hLKQT+KpPvKwx1+PZCyJfoL0cICZ1b8PGzLpok1XVp6G253:+1awOq0cICZ1b8ezLpo2VkG253

Entry address:
0xBF86C

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, B5, 04, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, CC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 10, 80, 11, 10, 89, 0D, 0C, 80, 11, 10, 89, 15, 08, 80, 11, 10, 89, 1D, 04, 80, 11, 10, 89, 35, 00, 80, 11, 10, 89, 3D, FC, 7F, 11, 10, 66, 8C, 15, 28, 80, 11, 10, 66, 8C, 0D, 1C, 80, 11, 10, 66, 8C, 1D, F8, 7F, 11, 10, 66, 8C, 05, F4, 7F, 11, 10, 66, 8C, 25, F0, 7F, 11, 10, 66, 8C, 2D, EC, 7F, 11, 10, 9C, 8F, 05, 20, 80...
 
[+]

Code size:
763.5 KB (781,824 bytes)

Scan openlibeay32.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.