» SQLite.Interop.dll
Overview
Analysis
File Details

SQLite.Interop.dll

System.Data.SQLite

AdGazelle

SQLite.Interop.dll is the Interop assembly for SQLite used with the .Net framwork to work with SQLite databases and is recompiled by AdGazelle. The module SQLite.Interop.dll, “System.Data.SQLite Interop Assembly” by AdGazelle has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. Although a detection has been made for this resource, it is generally a commonly distributed 3rd-party library and is typically safe by itself. It is also typically executed from the user's temporary directory.

File name:

SQLite.Interop.dll

Publisher:

Robert Simpson, et al. (signed by AdGazelle)

Product:

System.Data.SQLite

Description:

System.Data.SQLite Interop Assembly

Version:

1.0.84.0

MD5:

1c04e2017f9d0c49742d36503b509b13

SHA-1:

a4f1f0490db490a997871e6710829436d31f0c5a

SHA-256:

8902ebb6b608839e9d30363fefee75950ce40c53e10611658edcbc530d0480bc

Scanner detections:

1 / 68

Status:

Adware

Explanation:

While the .Net Interopt file itself is not dangerous, it is part of a program that has been detected as potentially unwanted or malicious.

Analysis date:

4/25/2024 11:20:08 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.AdGazelle (M)

17.3.1.3

File size:

768.5 KB (786,944 bytes)

Product version:

1.0.84.0

Public Domain

Original file name:

SQLite.Interop.dll

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\x86\sqlite.interop.dll

Digital Signature

Signed by:

AdGazelle

Authority:

COMODO CA Limited

Valid from:

2/3/2014 1:00:00 AM

Valid to:

2/3/2017 12:59:59 AM

Subject:

CN=AdGazelle, O=AdGazelle, STREET=12902 Dorathea Ter, L=Poway, S=CA, PostalCode=92064, C=US

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00AA27EA84F0CFE8B2E570A8C4955E2A00

File PE Metadata

Compilation timestamp:

1/9/2013 8:27:39 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

Entry address:

0x25E6

Entry point:

8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 46, 4A, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 40, B7, 0B, 10, 89, 0D, 3C, B7, 0B, 10, 89, 15, 38, B7, 0B, 10, 89, 1D, 34, B7, 0B, 10, 89, 35, 30, B7, 0B, 10, 89, 3D, 2C, B7, 0B, 10, 66, 8C, 15, 58, B7, 0B, 10, 66, 8C, 0D, 4C, B7, 0B, 10, 66, 8C, 1D, 28, B7, 0B, 10, 66, 8C, 05, 24, B7, 0B, 10, 66, 8C, 25, 20, B7, 0B, 10, 66, 8C, 2D, 1C, B7, 0B, 10, 9C, 8F, 05, 50, B7... 
[+]

Code size:

621.5 KB (636,416 bytes)

Remove SQLite.Interop.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.