sielu27.dll

MD5:
5b97b6c3324666cec0e85d42495ce38e

SHA-1:
88643c68cd6a90b2414f7f897f092dc0f4cb463d

SHA-256:
c937c24f42ccd7ac3ea646a0be1f4cf12b2814b01c1d3babdf68da413e62364a

Scanner detections:
3 / 68

Status:
Inconclusive (not enough data for an accurate detection)

Analysis date:
5/21/2024 2:54:06 PM UTC

Scan engine | Detection | Engine version
--- | --- | ---
IKARUS anti.virus | Backdoor.Win32.Bifrose | t3scan.2.0.6.0
Qihoo 360 Security | HEUR/QVM38.0.Malware.Gen | 1.0.0.1120
Total Defense | Win32/Ramnit.DW | 37.1.62.1

File size:
2.3 MB (2,405,376 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\sielu_mh\sielu27.dll

File PE Metadata
Compilation timestamp:
1/18/2016 8:08:07 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:Ank9e49sfciOp5IgrCvBbVU20xg+X6jqF9xPJ+ISgoALObNDlLcr:hQ463MoVYyVuF99J+E6bplQr

Entry address:
0x7F5A58

Entry point:
60, E8, 00, 00, 00, 00, 5D, 81, ED, 06, 00, 00, 00, 81, ED, 58, 5A, 7F, 00, E9, 4C, 00, 00, 00, 45, 4E, 49, 47, 4D, 41, 04, 00, E0, 07, 01, 00, 12, 00, 13, 00, 0F, 00, 37, 00, B3, 70, 52, 50, C4, 5F, 6C, 70, 1C, F8, 85, 8D, 92, A6, FB, 6D, 23, E0, 3F, B3, 01, 00, 00, 00, 15, 3F, 95, 31, 9C, 43, D6, A8, 44, 20, F9, 0B, 3B, 8B, A1, C1, 1B, EC, E6, 9C, 76, 67, B1, F5, E5, 1F, FF, 79, ED, F3, 56, DA, 8A, 84, 24, 28, 00, 00, 00, 80, F8, 01, 0F, 84, 07, 00, 00, 00, 61, 33, C0, 40, C2, 0C, 00, E9, 04, 00, 00, 00...

Packer / compiler:
ASPack v1.08.04

Code size:
3 KB (3,072 bytes)

The file sielu27.dll has been seen being distributed by the following 3 URLs.