home

poweredplus.dll

MD5:
c0e28b337c2fed0ccecffae0670436b4

SHA-1:
70aada59ee3979ef962d4d0869263d7f513b8195

SHA-256:
e1656ceac991d84105f7398e3cd3af82069f30413c4563c08fea9e26715125ce

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/25/2024 8:26:59 PM UTC  (today)

Scan engine
Detection
Engine version

IKARUS anti.virus
Trojan.Win32.Bublik
t3scan.1.9.5.0

File size:
1.3 MB (1,387,520 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\downloads\poweredplus.dll

File PE Metadata
Compilation timestamp:
12/4/2015 12:47:40 PM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
14.0

CTPH (ssdeep):
12288:Fxnwse3uWRkcvzJp0UjHRqBpp0UJ/kFr0xzYiieuuZpuhoInP2SpQoFvjbscWtEH:/n/au4YpaFrJoInP2yPFvjfWKM2

Entry address:
0x80979

Entry point:
E9, 32, F0, 01, 00, E9, 1D, 24, 0E, 00, E9, 98, 8B, 08, 00, E9, 83, 77, 08, 00, E9, 9E, F6, 03, 00, E9, C3, 6A, 0B, 00, E9, 14, AA, 0E, 00, E9, 1F, 0A, 09, 00, E9, AA, DD, 06, 00, E9, 85, ED, 03, 00, E9, 00, 0A, 05, 00, E9, FB, BA, 03, 00, E9, A6, 23, 0E, 00, E9, 61, 07, 06, 00, E9, 8C, 29, 02, 00, E9, 07, 75, 08, 00, E9, C2, 72, 02, 00, E9, 8D, 52, 03, 00, E9, 98, 4E, 09, 00, E9, 23, 2D, 01, 00, E9, EE, BA, 0B, 00, E9, F9, 98, 06, 00, E9, 44, A8, 0A, 00, E9, 1F, EC, 06, 00, E9, 0A, 23, 0E, 00, E9, 05, A4...
 
[+]

Entropy:
5.6387

Developed / compiled with:
Microsoft Visual C++ 8.0 (Debug)

Code size:
1.1 MB (1,110,016 bytes)

The file poweredplus.dll has been seen being distributed by the following 10 URLs.

http://download1079.mediafire.com/2ht1rhzeb18g/.../PoweredPlus.dll

http://download1079.mediafire.com/ut02dsd043ag/.../PoweredPlus.dll

http://download824.mediafire.com/75i35x5d5ahg/.../PoweredPlus.dll

http://download1079.mediafire.com/qfpe1da6r7sg/.../PoweredPlus.dll

http://download824.mediafire.com/9z2uk3xx8gig/.../PoweredPlus.dll

http://download824.mediafire.com/6sl6tu1mczig/.../PoweredPlus.dll

http://download1079.mediafire.com/osp66m6nmdlg/.../PoweredPlus.dll

http://download824.mediafire.com/q1ej7rywdwfg/.../PoweredPlus.dll

http://download824.mediafire.com/yvne660a59cg/.../PoweredPlus.dll

http://download1079.mediafire.com/2s373tdn3aeg/.../PoweredPlus.dll

Scan poweredplus.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.