home

smime3.dll

Network Security Services

Sendori, Inc

This is part of the Sendori web browser toolbar and extension that will modify the browser's default search provider, DNS, and home page functions. smime3.dll is the Mozilla Network Security Services (NSS) library is designed to support cross-platform S/MIME development of security-enabled client applications and is recompiled by Sendori, Inc. The library smime3.dll, “NSS S/MIME Library” by Sendori, Inc has been known to be a potentially unwanted program that has been detected by 1 anti-malware scanner. Although a detection has been made for this resource, it is generally a commonly distributed 3rd-party library and is typically safe by itself.
Publisher:
Mozilla Foundation  (signed by Sendori, Inc)

Product:
Network Security Services

Description:
NSS S/MIME Library

Version:
3.13.6.0

MD5:
0f1d8d1f7b9c51a00a258cd9d8f41293

SHA-1:
06eaca8caf806d88ed558d688526827e09adf0b4

SHA-256:
489a3d681e4e93c07e61bf1c004547c0349e228fc9d062dd783106e4f60abd15

Scanner detections:
1 / 68

Status:
Inconclusive but possibly unwanted  (It is part of a common redistributable library)

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
4/20/2024 10:32:51 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Common.PartOf.PUP.Sendori.MozillaFoundation (M)
15.12.25.23

File size:
135.8 KB (139,040 bytes)

Product version:
3.13.6.0

Original file name:
smime3.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\sendori\smime3.dll

Digital Signature
Signed by:
Sendori, Inc

Authority:
VeriSign, Inc.

Valid from:
3/11/2012 7:00:00 PM

Valid to:
4/4/2013 6:59:59 PM

Subject:
CN="Sendori, Inc", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Sendori, Inc", L=Oakland, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
28FA9F749BFC21C3FDFCFEFB6497011B

File PE Metadata
Compilation timestamp:
9/12/2012 8:06:51 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
3072:FUOZ75SYZdOhxAhuV9yMABbSRn8suaQZOXXoYC/6I4zdSbfoMR0NOBqNyV:FUOZ75P6muSMmWRntuTAdNNo

Entry address:
0x124E0

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 2C, 1A, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 55, 8B, EC, 83, EC, 08, 89, 7D, FC, 89, 75, F8, 8B, 75, 0C, 8B, 7D, 08, 8B, 4D, 10, C1, E9, 07, EB, 06, 8D, 9B, 00, 00, 00, 00, 66, 0F, 6F, 06, 66, 0F, 6F, 4E, 10, 66, 0F, 6F, 56, 20, 66, 0F, 6F, 5E, 30, 66, 0F, 7F, 07, 66, 0F, 7F, 4F, 10, 66, 0F, 7F, 57, 20, 66, 0F, 7F, 5F, 30, 66, 0F, 6F, 66, 40, 66, 0F, 6F, 6E, 50, 66, 0F, 6F, 76, 60, 66, 0F, 6F, 7E, 70, 66, 0F, 7F...
 
[+]

Entropy:
6.4305

Code size:
91.5 KB (93,696 bytes)

Scan smime3.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.