home

SpecialSpyHandler.dll

DoctoAV Software Special Spyware Handler

AS INTERNET LTD

The module SpecialSpyHandler.dll by AS INTERNET has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
DoctoAV Software  (signed by AS INTERNET LTD)

Product:
DoctoAV Software Special Spyware Handler

Version:
2, 0, 1, 2

MD5:
97814ac6be0335b40c6191b5888b59bd

SHA-1:
8ed284906d8e167a3b4fae1a875e0efe7db6bc7d

SHA-256:
b908c05eaaaa996d74f81f145eb36ee7279e053c2150411bb011968fe41dee67

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/23/2024 9:00:17 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.ASINTERNET (M)
16.2.11.18

File size:
904.5 KB (926,176 bytes)

Product version:
19, 0, 2, 2

Copyright:
(c) DoctoAV Software. All rights reserved.

Trademarks:
DoctoAV Software

Original file name:
SpecialSpyHandler.dll

File type:
Dynamic link library (Win64 DLL)

Language:
English (United States)

Common path:
C:\Program Files\doctoantivirus\specialspyhandler.dll

Digital Signature
Signed by:
AS INTERNET LTD

Authority:
GlobalSign nv-sa

Valid from:
4/24/2013 3:14:58 AM

Valid to:
4/24/2016 3:14:58 AM

Subject:
CN=AS INTERNET LTD, O=AS INTERNET LTD, L=Tel Aviv, C=IL

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121E2858CCC5F8EA3765CA30CD1701D5B5E

File PE Metadata
Compilation timestamp:
6/9/2014 5:50:48 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
12288:teijdr6axw/reGDGWk1VXGWhsaBfsStAvKwynw/rEzYqMO574Q3DOgQe660bg:8ijdr6agGWrCsaBFtznw/3tIZDpd1x

Entry address:
0x6D11C

Entry point:
48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 49, 8B, F8, 8B, DA, 48, 8B, F1, 83, FA, 01, 75, 05, E8, CF, DB, 00, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, E9, AB, FE, FF, FF, CC, CC, CC, 45, 33, C9, EB, 0E, 66, 45, 3B, C1, 74, 14, 48, 83, C1, 02, 48, 83, C2, 02, 0F, B7, 01, 44, 0F, B7, 02, 41, 2B, C0, 74, E6, 41, 3B, C1, 7D, 04, 83, C8, FF, C3, B9, 01, 00, 00, 00, 41, 3B, C1, 0F, 4F, C1, C3, 48, 89, 5C, 24, 08, 57, 48, 83, EC, 60, 48, 8B...
 
[+]

Entropy:
6.1462

Code size:
615 KB (629,760 bytes)

Remove SpecialSpyHandler.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.