home

ssi.dll

Korea Contents Network

The module ssi.dll by Korea Contents Network has been detected as adware by 2 anti-malware scanners.
Publisher:
Korea Contents Network  (signed and verified)

Version:
2013.6.17.1

MD5:
700e2c3ced6f2791fd3deb1b10fd1a46

SHA-1:
e201c9f9f8eb734c22b30ac6a15278c50318322e

Scanner detections:
2 / 68

Status:
Adware

Analysis date:
4/18/2024 7:51:00 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.KoreaContentsNetwork
15.3.7.22

Trend Micro House Call
TROJ_GEN.F47V0730
7.2.66

File size:
649.1 KB (664,704 bytes)

Product version:
2013.5.30.1

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Documents and Settings\{user}\Application data\ssi\ssi.dll

Digital Signature
Signed by:
Korea Contents Network

Authority:
Thawte, Inc.

Valid from:
1/14/2013 9:00:00 AM

Valid to:
4/16/2014 8:59:59 AM

Subject:
CN=Korea Contents Network, OU=IT Team, O=Korea Contents Network, L=Seocho-gu, S=SEOUL, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
21EE4A0E6A9CF5DFE2A088CE59AC500C

File PE Metadata
Compilation timestamp:
6/17/2013 4:36:20 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:61xU2Ha+8Kdj6r/2TtKyMSApQfIAVh37Jb3ta6zuwmIeo:+Oredj6r/2ZKIApQAEJbFDd

Entry address:
0x8AB9C

Entry point:
55, 8B, EC, 83, C4, C4, B8, F8, 98, 48, 00, E8, C4, C1, F7, FF, E8, 7F, 9D, F7, FF, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 02, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.6186

Developed / compiled with:
Microsoft Visual C++

Code size:
550.5 KB (563,712 bytes)

Remove ssi.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.