home

shdocvw.dll

Shell Doc Object and Control Library

Microsoft Corporation

The ShDocVw provides the navigation, local caching and history functionalities for Internet Explorer web browser. The file has been seen being downloaded from www.aodrag.es and multiple other hosts.
Publisher:
Microsoft Corporation

Product:
Microsoft® Windows® Operating System

Description:
Shell Doc Object and Control Library

 
Part of the Windows Operating System

Version:
10.0.10240.16384 (th1.150709-1700)

MD5:
74b52db5355a9cb8c628b3b69cfe24f5

SHA-1:
daaf25c278579666955ad2e9739eace54129868c

SHA-256:
4b02b287562de4c4bb680761c45ac80ee3fb799427ddd2678475166cd7c782e6

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
5/13/2024 9:08:43 PM UTC  (today)

File size:
218.5 KB (223,744 bytes)

Product version:
10.0.10240.16384

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
SHDOCVW.DLL.MUI

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\windows\syswow64\shdocvw.dll

Registration
CLSIDs:
{241D7C96-F8BF-4F85-B01F-E2B043341A4B}, {80FCA77A-FBCB-4F7D-BC84-547E3F79D618}, {EF4D1E1A-1C87-4AA8-8934-E68E4367468D}

COM registered:
Yes

File PE Metadata
Compilation timestamp:
7/10/2015 4:38:08 AM

OS version:
10.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.10

CTPH (ssdeep):
6144:Q99q9vxE0C6v/DwINOMhU6Gyl48pAjEd8xihTlyRmo:Q99q9vxNC6v49pyl48pArx06m

Entry address:
0x4D00

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 08, 07, 00, 00, 5D, E9, 2A, 00, 00, 00, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, B8, 63, 73, 6D, E0, 39, 45, 08, 75, 0D, FF, 75, 0C, 50, E8, 75, 05, 00, 00, 59, 59, 5D, C3, 33, C0, 5D, C3, CC, CC, CC, CC, CC, 6A, 30, 68, 28, 2C, 71, 71, E8, 80, 07, 00, 00, C7, 45, E0, 01, 00, 00, 00, 33, F6, 89, 75, FC, 8B, 45, 0C, 83, F8, 01, 77, 05, A3, 00, 50, 71, 71, 83, 7D, 0C, 00, 75, 11, 83, 3D, C0, 50, 71, 71, 00, 75, 08, 89, 75, E0, E9, 39, 02, 00, 00, 8B, 45, 0C, 83...
 
[+]

Entropy:
5.9496

Code size:
77.5 KB (79,360 bytes)

The file shdocvw.dll has been seen being distributed by the following 2 URLs.

http://www.aodrag.es/updater/8.0.15/.../shdocvw.dll

http://www.aodrag.es/updater/8.0.19/.../shdocvw.dll

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.