» pamCollectorAPIExtender.dll
Overview
Analysis
File Details

pamCollectorAPIExtender.dll

Printer Activity Monitor

Red Line Software LLC

File name:

Publisher:

Red Line Software (signed by Red Line Software LLC)

Product:

Printer Activity Monitor

Description:

Printer Activity Monitor API Extender

Version:

4.0.0.0

MD5:

46c7abe3c5d4adba6fea8a7ac4e2e1c2

SHA-1:

fd55d8013080c7a312e07e6955abc0e01962a65c

SHA-256:

ad16a148e5420d0fbbd6fcbf8e0bf1118a92a7b3d527fb0e56b5c40d8b06962a

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/27/2024 2:22:50 AM UTC (today)

File size:

781.8 KB (800,528 bytes)

Product version:

4.0.0.0

Original file name:

pamCollectorAPIExtender.dll

File type:

Dynamic link library (Win64 DLL)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\collector api x64\pamcollectorapiextender.dll

Digital Signature

Signed by:

Red Line Software LLC

Authority:

COMODO CA Limited

Valid from:

9/23/2011 5:00:00 AM

Valid to:

9/23/2013 4:59:59 AM

Subject:

CN=Red Line Software LLC, O=Red Line Software LLC, STREET="2 Mayakovskogo Lane, Building 1", L=Moscow, S=109147, PostalCode=109147, C=RU

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

7CC4B3257E163188925FFAAAAF18AA5C

File PE Metadata

Compilation timestamp:

10/18/2012 8:06:47 PM

OS version:

5.2

OS bitness:

Win64

Subsystem:

Windows GUI

Linker version:

8.0

CTPH (ssdeep):

12288:fdauFiFBtnTLG8XTujBs6Wpg7/1RA639DSsk9yl4MH7rKPyr8:fwweTFhpgzLAaSsAQ4Mbr3r8

Entry address:

0x10045F

Entry point:

E9, 8D, E0, FF, FF, 8F, 45, 00, E9, 91, 34, 00, 00, E9, 66, 24, 00, 00, 84, FA, 28, D8, 84, E1, E9, 0B, 02, 00, 00, 09, C8, F8, 32, 02, E9, 2E, 24, 00, 00, 8F, 45, 00, E9, F5, 3E, 00, 00, E9, FC, 09, 00, 00, E9, 65, 06, 00, 00, 5B, E9, 5F, 34, 00, 00, 66, 0F, BA, E6, 0C, F6, C4, C4, 48, 83, ED, 08, E9, 61, 1F, 00, 00, 66, 0F, B6, D0, C0, C8, 04, FE, CE, 30, C3, 66, D3, E2, 66, FF, CA, 48, 0F, B6, C0, D2, EA, 66, 0F, BD, D6, 0F, 92, C6, 48, 81, EE, FF, FF, FF, FF, 0F, AC, EA, 02, 49, 8B, 14, C4, 84, CA, F5... 
[+]

Packer / compiler:

tElock 0.99 - 1.0 private

Code size:

427 KB (437,248 bytes)

Scan pamCollectorAPIExtender.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.