home

protect.dll_635899480264670000

The file protect.dll_635899480264670000 has been detected as a potentially unwanted program by 2 anti-malware scanners.
MD5:
7020fca2e7eddb99f5a3f93210b8d7e4

SHA-1:
ebfd195adce834fd3f9ce2d6963612fabbbb92c7

SHA-256:
3f49e4dd2f39ac6fa626828246c3c173e0073b453c9331b56a2aa963acb51b3f

Scanner detections:
2 / 68

Status:
Potentially unwanted

Analysis date:
4/26/2024 5:13:22 AM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
Win32/RiskWare.PEMalform.E application
7.0.302.0

Reason Heuristics
PUP.Malform.ET (M)
16.12.10.1

File size:
4 MB (4,169,728 bytes)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\protect.dll_635899480264670000

File PE Metadata
Compilation timestamp:
1/27/2011 11:43:15 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
3072:J1C+h9kVj+jDj+GwwC1pstUzFAGxpD6J5i3gbRFO+z/j5hmAhxWexWXFxK3TBfCv:J0WmVai0WHqiOF7z/jR3TBJVmHz

Entry address:
0x1E5A7

Entry point:
83, 7C, 24, 08, 01, 75, 05, E8, 13, 02, 39, AF, FF, 74, 24, 04, 8B, 4C, 24, 10, 8B, 54, 24, 0C, E8, 13, 01, D4, AD, 59, C2, 0C, 00, 55, 8B, EC, 53, 56, 8B, 75, 08, 33, DB, 39, 5D, 14, 57, 75, 10, 3B, F3, 75, 10, 39, 5D, 0C, 75, 12, 33, C0, 5F, 5E, 5B, 5D, C3, 3B, F3, 74, 07, 8B, 7D, 0C, 3B, FB, 77, 1B, E8, 13, 02, 1B, 85, 6A, 16, 5E, 89, 30, 53, 53, 53, 53, 53, E8, 13, 02, 1B, 26, 83, C4, 14, 8B, C6, EB, D5, 39, 5D, 14, 75, 04, 88, 1E, EB, CA, 8B, 55, 10, 3B, D3, 75, 04, 88, 1E, EB, D1, 83, 7D, 14, FF, 8B...
 
[+]

Code size:
220 KB (225,280 bytes)

Remove protect.dll_635899480264670000 - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.