home

redemption.dll

Advanced Messaging Systems LLC

Publisher:
Advanced Messaging Systems LLC  (signed and verified)

MD5:
1244ddcca4ea56b3be82297f4e9df1e0

SHA-1:
6ad30633d78ff520684f8bdddd5f2510c43bf88b

SHA-256:
93a5d8e1b3aa0e5f14e009b5c577c35c0601d1149130c5e85f2c8d81f01e361d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 2:57:13 PM UTC  (today)

File size:
9.2 MB (9,652,864 bytes)

File type:
Dynamic link library (Win64 DLL)

Common path:
C:\ProgramData\trend micro installer\pc treasure-tti_7.0_el_full_1416543018\ucplugin\c17t1718v0.0.0l1p5889r1o1\ol64\redemption.dll

Digital Signature
Signed by:
Advanced Messaging Systems LLC

Authority:
COMODO CA Limited

Valid from:
11/10/2011 7:00:00 PM

Valid to:
11/10/2014 6:59:59 PM

Subject:
CN=Advanced Messaging Systems LLC, O=Advanced Messaging Systems LLC, STREET=4701 E. Mossman Rd., L=Phoenix, S=AZ, PostalCode=85050, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
3AC5A1500A3B51BA6DE99B69319F10D7

File PE Metadata
Compilation timestamp:
9/3/2012 4:54:51 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
49152:YJgoQLP0WzsSts33L88NAxMAzLH8oeotwwlz3ac557iiBrXZ0kimrEvim8Mtjl/a:Hs+h8oeoFlz3ao5VBKAhGyiWyOcYKo

Entry address:
0x73C1F0

Entry point:
55, 48, 81, EC, 90, 00, 00, 00, 48, 8B, EC, 48, 89, 4D, 30, 89, 55, 3C, 4C, 89, 45, 40, 90, 48, 8D, 4D, 48, 48, 8D, 15, 66, 5A, FE, FF, 4C, 8B, 45, 30, 44, 8B, 4D, 3C, 48, 8B, 45, 40, 48, 89, 44, 24, 20, E8, 48, 73, 8D, FF, E8, 63, 00, 8D, FF, C7, 85, 8C, 00, 00, 00, 01, 00, 00, 00, EB, 17, 90, 90, E8, 90, 02, 8D, FF, 85, C0, 0F, 94, C0, 48, 0F, B6, C0, 89, 85, 8C, 00, 00, 00, 90, 8B, 85, 8C, 00, 00, 00, 48, 8D, A5, 90, 00, 00, 00, 5D, C3, 90, 48, 83, EC, 28, E8, 97, F6, 8C, FF, 48, 83, C4, 28, C3, CC, CC...
 
[+]

Entropy:
5.9489

Code size:
7.2 MB (7,582,720 bytes)

Scan redemption.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.