pih.dll

Giveaway of the Day

Softdeluxe

The module pih.dll by Softdeluxe has been detected as a potentially unwanted program by 2 anti-malware scanners.
Publisher:
giveawayoftheday.com  (signed by Softdeluxe)

Product:
Giveaway of the Day

Version:
2.0.1.15

MD5:
b1dfaafb08e112e1cee9183991737439

SHA-1:
5c0b331df24cbe07544ca52da898ff67a9a4df0f

SHA-256:
1f342e01077dbbeb05c97a25b2afa29b080668312813aa489f98bc9120e0d2df

Scanner detections:
2 / 68

Status:
Potentially unwanted

Analysis date:
4/16/2024 10:36:43 PM UTC

Scan engine | Detection | Engine version
Reason Heuristics | PUP.Softdelu (M) | 16.3.2.22
Trend Micro House Call | TROJ_GEN.F47V0823 | 7.2.264

File size:
2.5 MB (2,670,200 bytes)

Product version:
2.0.1.0

Copyright:
Copyright (C) giveawayoftheday.com, 2006-2012

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\pih.dll

Digital Signature
Signed by:

Authority:
Thawte, Inc.

Valid from:
8/11/2011 7:00:00 PM

Valid to:
8/11/2013 6:59:59 PM

Subject:
CN=Softdeluxe, O=Softdeluxe, L=Dubna, S=Moscow region, C=RU

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
03210A27BF81D359C5333208DDA8F10D

File PE Metadata
Compilation timestamp:
8/22/2012 1:09:24 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
49152:lYk9nDcKSSNhJy00/NUr2jdqI3qfSkXwDO5Q7fjS2VekBeav0Pp:Gk9nDcQNC0ojdq8YQTjSIZiPp

Entry address:
0x53C040

Entry point:
68, 00, 00, 00, 00, 68, 01, 00, 00, 00, 68, 00, 00, 00, 10, E8, 00, 00, 00, 00, 81, 2C, 24, 54, C0, 53, 10, 81, 04, 24, 00, B0, 53, 10, E9, 99, 11, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Entropy:
7.8315

Packer / compiler:
PKLITE32, 0x1.1

Code size:
144 KB (147,456 bytes)
