pih.dll

Giveaway of the Day

Softdeluxe

The library pih.dll has been detected as malware by 2 anti-virus scanners.
Publisher:
giveawayoftheday.com  (signed by Softdeluxe)

Product:
Giveaway of the Day

Version:
2.0.1.17

MD5:
48e62d03bacc12ef26329c4a7418997a

SHA-1:
73ed1edaef130ff7b5fdbd64ff69d961d3f0f101

SHA-256:
ccf7ced51bc1e02df44cf2c1b5e5fcd0af30c722918a915673331407d9b68ded

Scanner detections:
2 / 68

Status:
Malware

Analysis date:
5/9/2024 12:00:22 AM UTC

Scan engine / Detection / Engine version:
Reason Heuristics / Unnamed.Threat.14 / 14.3.1.13
Rising Antivirus / PE:Trojan.Win32.Generic.13F2E8AE!334686382 / 23.00.65.131216

File size:
2.5 MB (2,650,744 bytes)

Product version:
2.0.1.0

Copyright:
Copyright (C) giveawayoftheday.com, 2006-2012

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\pih.dll

Digital Signature
Signed by:

Authority:
Thawte, Inc.

Valid from:
8/11/2011 8:00:00 PM

Valid to:
8/11/2013 7:59:59 PM

Subject:
CN=Softdeluxe, O=Softdeluxe, L=Dubna, S=Moscow region, C=RU

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
03210A27BF81D359C5333208DDA8F10D

File PE Metadata
Compilation timestamp:
10/9/2012 1:14:03 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
49152:1DkVigScNEn1SxKgmc37zUXMTJbAGSudrvvOvmtU4GaDmDQemUTOC0kDsP:1WZScNKSkjezUXIHdrv2AKaDWmvIQP

Entry address:
0x536040

Entry point:
68, 00, 00, 00, 00, 68, 01, 00, 00, 00, 68, 00, 00, 00, 10, E8, 00, 00, 00, 00, 81, 2C, 24, 54, 60, 53, 10, 81, 04, 24, 00, 50, 53, 10, E9, 99, 1D, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Entropy:
7.8290

Packer / compiler:
PKLITE32, 0x1.1

Code size:
146 KB (149,504 bytes)
