home

scanby.dll

Sutherland Global Services, Inc.

Publisher:
Sutherland Global Services, Inc.  (signed and verified)

Version:
1.0.0.3

MD5:
b10c99352e2768a7e8c9b4a7d2903172

SHA-1:
6467d5ad948970f44019fbb8e0a44b3b1cdf042e

SHA-256:
90ade7571a9e55863b2080a57816d53ac130305f56c8f1e7ebfa89d89b8dd847

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/24/2024 7:34:18 AM UTC  (today)

Scan engine
Detection
Engine version

Dr.Web
riskware program Program.Unwanted.173
9.0.1.05190

File size:
2 MB (2,075,680 bytes)

Product version:
1.0.0.0

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\scanby.dll

Digital Signature
Signed by:
Sutherland Global Services, Inc.

Authority:
VeriSign, Inc.

Valid from:
6/30/2013 5:00:00 PM

Valid to:
8/30/2014 4:59:59 PM

Subject:
CN="Sutherland Global Services, Inc.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Sutherland Global Services, Inc.", L=Rochester, S=New York, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
25B6328B959B22555A2605CD75E25393

File PE Metadata
Compilation timestamp:
7/26/2013 5:23:30 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:xuBN4bsGACZaFhJZFao06C/aR6v8+/7SERs043JLQXX5fgBbZScm8i0cAsQq2TLN:JbsGAHJKs45grScmtVQt8y

Entry address:
0x1AB2E4

Entry point:
55, 8B, EC, 83, C4, C0, B8, 94, 30, 5A, 00, E8, 84, FD, E5, FF, E8, B7, BA, E5, FF, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.4298

Developed / compiled with:
Microsoft Visual C++

Code size:
1.7 MB (1,745,920 bytes)

Scan scanby.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.