» scardprv.dll
Overview
Analysis
File Details

scardprv.dll

The library scardprv.dll has been detected as malware by 30 anti-virus scanners.

File name:

scardprv.dll

MD5:

116ab6dc2d06ca2c862c42830d3c2564

SHA-1:

0ebe6a3e84cc18120348bffc59a3aaeae17c2004

Scanner detections:

30 / 68

Status:

Malware

Analysis date:

4/20/2024 5:45:17 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Graftor.Elzob.3935

701

Agnitum Outpost

Backdoor.Joanap

7.1.1

AhnLab V3 Security

Trojan/Win32.Dllbot

2014.12.07

Avira AntiVirus

BDS/Joanap.A.6

7.11.193.42

avast!

Win32:Trojan-gen

2014.9-150306

AVG

BackDoor.Generic14

2016.0.3179

Baidu Antivirus

Worm.Win32.Agent

4.0.3.1536

Bitdefender

Gen:Variant.Graftor.Elzob.3935

1.0.20.325

Bkav FE

W32.WinsysMFF.Trojan

1.3.0.6267

Clam AntiVirus

Win.Trojan.Agent-503163

0.98/21511

Comodo Security

UnclassifiedMalware

20288

Dr.Web

Worm.Siggen.5349

9.0.1.065

Fortinet FortiGate

W32/BackDoor.SI!tr

3/6/2015

F-Secure

Gen:Variant.Graftor.Elzob.3935

11.2015-06-03_6

G Data

Gen:Variant.Graftor.Elzob.3935

15.3.24

IKARUS anti.virus

Worm.Win32.Agent

t3scan.1.8.5.0

K7 AntiVirus

Trojan

13.186.14254

Kaspersky

Worm.Win32.Agent

14.0.0.2389

McAfee

Generic BackDoor.si

5600.6835

MicroWorld eScan

Gen:Variant.Graftor.Elzob.3935

16.0.0.195

NANO AntiVirus

Trojan.Win32.Siggen.mhytj

0.28.6.63850

Norman

Suspicious_Gen3.AFURJ

11.20150306

nProtect

Trojan/W32.Agent.81920.CLM

14.12.05.01

Panda Antivirus

Generic Malware

15.03.06.06

Qihoo 360 Security

Win32/Worm.fe1

1.0.0.1015

Rising Antivirus

PE:Trojan.Win32.Generic.12D8E96E!316205422

23.00.65.15304

Sophos

Mal/Generic-S

4.98

VIPRE Antivirus

Trojan.Win32.Generic

35478

ViRobot

Trojan.Win32.Nkagent.81920

2011.4.7.4223

Zillya! Antivirus

Worm.Agent.Win32.4395

2.0.0.2000

File size:

80 KB (81,920 bytes)

File type:

Dynamic link library (Win32 DLL)

Common path:

C:\Windows\System32\scardprv.dll

File PE Metadata

Compilation timestamp:

8/21/2011 4:41:13 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

768:ZFXimGlc4qztPa5wdalwu7KOdQYdPYKuSFYeCCam7Baho9S4AJKqBz8MZQbVQNYH:ZQjldeZaikd/YLCam7N9S4A3mbKyi

Entry address:

0xB093

Entry point:

55, 8B, EC, 53, 8B, 5D, 08, 56, 8B, 75, 0C, 57, 8B, 7D, 10, 85, F6, 75, 09, 83, 3D, F0, ED, 01, 10, 00, EB, 26, 83, FE, 01, 74, 05, 83, FE, 02, 75, 22, A1, 00, EE, 01, 10, 85, C0, 74, 09, 57, 56, 53, FF, D0, 85, C0, 74, 0C, 57, 56, 53, E8, 15, FF, FF, FF, 85, C0, 75, 04, 33, C0, EB, 4E, 57, 56, 53, E8, FD, D7, FF, FF, 83, FE, 01, 89, 45, 0C, 75, 0C, 85, C0, 75, 37, 57, 50, 53, E8, F1, FE, FF, FF, 85, F6, 74, 05, 83, FE, 03, 75, 26, 57, 56, 53, E8, E0, FE, FF, FF, 85, C0, 75, 03, 21, 45, 0C, 83, 7D, 0C, 00... 
[+]

Developed / compiled with:

Microsoft Visual C++ 6.0

Code size:

44 KB (45,056 bytes)

Remove scardprv.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.