spnet.dll

ODBC Driver Manager Trace

Although the file properties name 'Microsoft Corporation' as the developer, this is not the case: the file is designed to look like a legitimate Microsoft system file. The library spnet.dll, described as “ODBC Driver Manager Trace”, has been detected as malware by 19 anti-virus scanners.

Publisher:
Microsoft Corporation*  (Invalid match)

Product:
Microsoft® Windows® Operating System

Description:
ODBC Driver Manager Trace

Version:
6.1.7601.17514 (win7sp1_rtm.101119-1850)

MD5:
864f1d8ca54279c1474626029194e412

SHA-1:
c9d65cc54e6bfd0256c92da36d9a4167bbcbe016

SHA-256:
c1e22c687fa2272a20e203d7f22003e43650e5ac55abfc739989039a4c9d3b08

Scanner detections:
19 / 68

Status:
Malware

Analysis date:
4/26/2024 5:13:22 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Trojan.Generic.15815906 | 354 |
| Arcabit | Trojan.Generic.DF154E2 | 1.0.0.653 |
| AVG | Atros3 | 2017.0.2832 |
| Bitdefender | Trojan.Generic.15815906 | 1.0.20.230 |
| Bkav FE | HW64.packed | 1.3.0.7400 |
| Emsisoft Anti-Malware | Trojan.Generic.15815906 | 8.16.02.15.07 |
| ESET NOD32 | Win64/Bedep | 10.13028 |
| Fortinet FortiGate | W64/Bedep.D!tr | 2/15/2016 |
| F-Secure | Trojan.Generic.15815906 | 11.2016-15-02_2 |
| G Data | Trojan.Generic.15815906 | 16.2.25 |
| IKARUS anti.virus | Trojan.Win64.Bedep | t3scan.2.0.6.0 |
| K7 AntiVirus | Trojan | 13.213.18735 |
| McAfee | Artemis!864F1D8CA542 | 5600.6488 |
| Microsoft Security Essentials | Backdoor:Win64/Bedep!rfn | 1.1.12400.0 |
| MicroWorld eScan | Trojan.Generic.15815906 | 17.0.0.138 |
| nProtect | Trojan.Generic.15815906 | 16.02.12.01 |
| Rising Antivirus | PE:Malware.Generic(Thunder)!1.A1C4 [F] | 23.00.65.16213 |
| Trend Micro | TROJ_GEN.R011C0DBD16 | 10.465.15 |
| VIPRE Antivirus | Trojan.Win32.Generic | 47214 |

File size:
352 KB (360,448 bytes)

Product version:
6.1.7601.17514

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
odbctrac.dll

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\ProgramData\{9a88e103-a20a-4ea5-8636-c73b709a5bf8}\spnet.dll

Registration
CLSID:
{F6BF8414-962C-40FE-90F1-B80A7E72DB9A}

COM registered:
Yes

File PE Metadata
Compilation timestamp:
11/27/2014 12:26:14 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.12

CTPH (ssdeep):
6144:20PufvLHHE61shKHyCsLX0T+RRFWkLglf/l/CSnDhAWfcGiLw88ZrFdR:20PygEUKSCu0TUDrLgl1/uWfc5wdFdR

Entry address:
0x3C11

Entry point:
24, 48, C7, 05, 7B, 7C, 00, 00, F6, B2, CA, 0E, E9, BE, 00, 00, 00, 81, 3D, 6C, 7C, 00, 00, 0D, 03, 67, 07, 90, 75, AD, 48, 8B, 44, 24, 18, 48, 83, C0, 02, 48, 83, C0, 02, 90, 48, 89, 44, 24, 18, 90, 48, 8B, 44, 24, 18, 48, 83, C0, 03, 48, 83, C0, 11, 48, 89, 44, 24, 08, 48, 8B, 44, 24, 08, 48, 83, C0, 04, 48, 05, EC, 00, 00, 00, 48, 89, 04, 24, 48, 83, 7C, 24, 38, 00, 74, 0F, 48, 8B, 44, 24, 38, 90, 48, 8B, 4C, 24, 18, 48, 89, 08, 90, C7, 05, 0F, 7C, 00, 00, 13, F0, 65, 05, EB, 55, 48, 8B, 0C, 24, 48, 89...

Code size:
20 KB (20,480 bytes)
