home

SCSK4.OCX

SCSK ActiveX Control Module

SoftCamp, Inc.

The file SCSK4.OCX has been detected as malware by 5 anti-virus scanners.
Publisher:
SoftCamp Co.,Ltd.  (signed by SoftCamp, Inc.)

Product:
SCSK ActiveX Control Module

Version:
4, 0, 6000, 23

MD5:
6e67967ea3ea995c651ac46e05491e7b

SHA-1:
0dcf683617e496ddb0b6123fbc9067152aa301e5

SHA-256:
78b79959893639b99911c87339a4fef73102eb562957f7eefdb0267bce097e98

Scanner detections:
5 / 68

Status:
Malware

Analysis date:
4/26/2024 1:48:13 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Symmi.44590
828

F-Secure
Gen:Variant.Symmi.44590
11.2014-30-10_5

IKARUS anti.virus
Win32.SuspectCrc
t3scan.1.7.8.0

MicroWorld eScan
Gen:Variant.Symmi.44590
15.0.0.909

Trend Micro House Call
Suspicious_GEN.F47V0805
7.2.303

File size:
1.3 MB (1,320,392 bytes)

Product version:
4, 0, 6000, 23

Copyright:
Copyright (C) 2002-2007 SoftCamp Co.,Ltd. All rights reserved.

Original file name:
SCSK4.OCX

File type:
OLE control extension (Win32 OCX)

Common path:
C:\Windows\System32\scsk4.ocx

Digital Signature
Signed by:
SoftCamp, Inc.

Authority:
VeriSign, Inc.

Valid from:
8/17/2007 9:00:00 AM

Valid to:
8/18/2008 8:59:59 AM

Subject:
CN="SoftCamp, Inc.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="SoftCamp, Inc.", L=Gangnam-gu, S=Seoul, C=KR

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
39C8573DEF6A7900049D81855B7635B5

Registration
CLSIDs:
{28D73FB6-FE5D-4A47-A705-DBB68A6FC18D}, {39FC0CF9-86F3-4502-B773-D16706EDEC83}, {482AE633-0440-4CC8-921E-913B8FB9A937}, {6CB8603A-9C60-4042-B7DE-8D37E3250443}, {6E64A63B-C5A3-4B4B-92CD-5BA7A42619F3}, {AC1553DB-2296-4707-829B-402A1280F8DD}

ProgIDs:
SCSK3.EventOnfocus.1, SCSK3.SCSK3Ctrl.1, SCSK3.EventOnKeyDown.1, SCSK3.PassOnChange.1, SCSK3.EventOnPress.1, SCSK3.EventOnMouseDown.1, SCSK3.EventOnchar.1, SCSK3.EventOnPaste.1

COM registered:
Yes

File PE Metadata
Compilation timestamp:
11/15/2007 11:01:20 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:6zkNZtHw6kmNNXUkJayMiHqPbH/PZ///JHfP5/f/zH/PZ///xHfPhDUCBYXcKhuO:NHXk0EryZuTBYXcKQoy/X2KQpnl

Entry address:
0x311FD

Entry point:
55, 8B, EC, 53, 8B, 5D, 08, 56, 8B, 75, 0C, 57, 8B, 7D, 10, 85, F6, 75, 09, 83, 3D, EC, B3, 0C, 10, 00, EB, 26, 83, FE, 01, 74, 05, 83, FE, 02, 75, 22, A1, 3C, F8, 0B, 10, 85, C0, 74, 09, 57, 56, 53, FF, D0, 85, C0, 74, 0C, 57, 56, 53, E8, 15, FF, FF, FF, 85, C0, 75, 04, 33, C0, EB, 4E, 57, 56, 53, E8, 4A, F9, FF, FF, 83, FE, 01, 89, 45, 0C, 75, 0C, 85, C0, 75, 37, 57, 50, 53, E8, F1, FE, FF, FF, 85, F6, 74, 05, 83, FE, 03, 75, 26, 57, 56, 53, E8, E0, FE, FF, FF, 85, C0, 75, 03, 21, 45, 0C, 83, 7D, 0C, 00...
 
[+]

Entropy:
5.7001

Developed / compiled with:
Microsoft Visual C++ 6.0

Code size:
648 KB (663,552 bytes)

ActiveX Install
Name:
{39FC0CF9-86F3-4502-B773-D16706EDEC83}


Remove SCSK4.OCX - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.