» pamcollectorapi.{8f876bf7-449b-4062-bc27-67aa271389b1}.dll
Overview
Analysis
File Details

pamcollectorapi.{8f876bf7-449b-4062-bc27-67aa271389b1}.dll

Red Line Software LLC

File name:

Publisher:

Red Line Software LLC (signed and verified)

MD5:

838fc725046c4d24a46a965a3fd52b60

SHA-1:

8a73394f01310b66e5d36cc77bbaf93fbd5c8431

SHA-256:

e1c763c08001e2339b6fc4aacd0bf2c945f8eada685757d14ca6d930243a2db5

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

4/23/2024 8:14:41 PM UTC (today)

Scan engine

Detection

Engine version

Comodo Security

Heur.Packed.Unknown

20205

File size:

180.4 KB (184,696 bytes)

File type:

Dynamic link library (Win32 DLL)

Common path:

C:\Windows\System32\pamcollectorapi.{8f876bf7-449b-4062-bc27-67aa271389b1}.dll

Digital Signature

Signed by:

Red Line Software LLC

Authority:

The USERTRUST Network

Valid from:

2/26/2009 6:00:00 PM

Valid to:

2/27/2011 5:59:59 PM

Subject:

CN=Red Line Software LLC, O=Red Line Software LLC, STREET="2 Mayakovskogo Lane, Building 1", L=Moscow, S=Moscow, PostalCode=109147, C=RU

Issuer:

CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:

0C7D126FF75A5C5F1044F10A38BB0206

File PE Metadata

Compilation timestamp:

5/17/2010 8:57:23 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

3072:/wfpgh+/KyGl3fvim/bTc8m+2NNRiFdN25XlOcjrrR+T5u3aRxHkfeMU4GKemUH:Yfpv/vGFSGTcl+25AdI5XltMTyaRNkf2

Entry address:

0x24300

Entry point:

E9, 95, 9C, 00, 00, 9C, 68, 35, 77, 6D, 12, 60, E9, A0, 8F, 00, 00, E9, BE, 9B, 00, 00, 66, 89, 45, 00, 89, 54, 24, 14, 8D, 64, 24, 24, E9, 72, 8F, 00, 00, 66, 81, F2, B9, A0, 04, 77, D2, CE, C0, C0, 03, 66, 0F, BD, D2, F6, D0, 66, 0F, AC, EA, 05, 24, 3C, 66, 0F, BA, EA, 09, 0F, CA, 8B, 14, 38, 66, 39, D0, F8, F6, C3, 8B, F9, 83, ED, 04, E9, F4, 8C, 00, 00, C0, FC, 05, 8B, 06, 60, 60, 85, F2, 29, D8, E9, C3, 90, 00, 00, E9, 07, 89, 00, 00, C5, C4, DE, 00, 00, 04, 31, 17, 04, 15, 11, 21, 07, 02, 00, 00, 00... 
[+]

Entropy:

6.7420

Packer / compiler:

Xtreme-Protector v1.05

Code size:

192 KB (196,608 bytes)

Scan pamcollectorapi.{8f876bf7-449b-4062-bc27-67aa271389b1}.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.