home

sqlite3.dll

Cheng Du VTools Information Technology

sqlite3.dll is the native SQLite library to connect to and manage a local SQLite databases and is recompiled by Cheng Du VTools Information Technology. The library sqlite3.dll by Cheng Du VTools Information Technology has been known to be a potentially unwanted program that has been detected by 1 anti-malware scanner. Note, this is a common distributed file and although it has been detected it might not be a threat is un-coupled from its distribution source.
Publisher:
Cheng Du VTools Information Technology  (signed and verified)

MD5:
a262ab3924ed01cfab3bd27758502d0e

SHA-1:
0a8cd5078168a145fa655fd615f4d72ec5e75e56

SHA-256:
437c2933caa424f55016581e25b016ecb583cc93e5147d2e8c38ac6d2ee3450e

Scanner detections:
1 / 68

Status:
Inconclusive but possibly unwanted  (It is part of a common redistributable library)

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
4/26/2024 9:17:05 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Common.PUP.ChengDuVToolsInformationTechnology.H
14.8.29.2

File size:
499.9 KB (511,920 bytes)

File type:
Dynamic link library (Win64 DLL)

Common path:
C:\users\{user}\appdata\roaming\online games downloader\sqlite3.dll

Digital Signature
Signed by:
Cheng Du VTools Information Technology

Authority:
VeriSign, Inc.

Valid from:
12/11/2011 3:00:00 AM

Valid to:
1/26/2014 2:59:59 AM

Subject:
CN=Cheng Du VTools Information Technology, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Cheng Du VTools Information Technology, L=ChengDu, S=SiChuan, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1B5D68E0AFA12E8F1159C668DD228431

File PE Metadata
Compilation timestamp:
5/25/2009 3:51:47 PM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows Console

Linker version:
2.56

CTPH (ssdeep):
6144:Wtcg3R1vZrVnwBUnPN3seVw+s4oK+J4V800SH9E9drzRcqz5tznWYVNO4BL/2k95:mcgDXseVwMoKY880aRcor3VdMV/yqg

Entry address:
0x1000

Entry point:
4D, 5A, 90, 00, 03, 00, 00, 00, 04, 00, 00, 00, FF, FF, 00, 00, B8, 00, 00, 00, 00, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 80, 00, 00, 00, 0E, 1F, BA, 0E, 00, B4, 09, CD, 21, B8, 01, 4C, CD, 21, 54, 68, 69, 73, 20, 70, 72, 6F, 67, 72, 61, 6D, 20, 63, 61, 6E, 6E, 6F, 74, 20, 62, 65, 20, 72, 75, 6E, 20, 69, 6E, 20, 44, 4F, 53, 20, 6D, 6F, 64, 65, 2E, 0D, 0D, 0A, 24, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.5823

Code size:
380.5 KB (389,632 bytes)

Scan sqlite3.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.