» ssleay32.dll
Overview
Analysis
File Details
Programs (1)

ssleay32.dll

The OpenSSL Toolkit

Taiwan Shui Mu Chih Ching Technology Limited

The file ssleay32.dll, “OpenSSL Shared Library” by Taiwan Shui Mu Chih Ching Technology Limited has been detected as adware by 4 anti-malware scanners. This file is typically installed with the program Picexa by Taiwan Shui Mu Chih Ching Technology Limited.. It is also typically executed from the user's temporary directory.

File name:

ssleay32.dll

Publisher:

The OpenSSL Project, http://www.openssl.org/ (signed by Taiwan Shui Mu Chih Ching Technology Limited)

Product:

The OpenSSL Toolkit

Description:

OpenSSL Shared Library

Version:

1.0.0e

MD5:

640d6617c92f6579b9652b71a17e666b

SHA-1:

fa841a4dfa48855ae5ed335af66fe7e2ff8acd6e

SHA-256:

c8674d4ca5b447620c94a8c2d18e47324913ed5847dadf5bbcbc26879c611c6c

Scanner detections:

4 / 68

Status:

Adware

Analysis date:

5/3/2024 7:04:55 PM UTC (today)

Scan engine

Detection

Engine version

AVG

Generic

2016.0.3098

Bkav FE

W32.HfsAdware

1.3.0.6379

Dr.Web

Adware.Mutabaha.229

9.0.1.05190

Reason Heuristics

PUP.Thinknice

15.3.26.12

File size:

237.2 KB (242,872 bytes)

Product version:

1.0.0e

Original file name:

ssleay32.dll

Common path:

C:\users\{user}\appdata\local\temp\_@6970.tmp

Digital Signature

Signed by:

Taiwan Shui Mu Chih Ching Technology Limited

Authority:

GlobalSign nv-sa

Valid from:

3/4/2015 11:26:37 AM

Valid to:

3/4/2016 11:26:37 AM

Subject:

CN=Taiwan Shui Mu Chih Ching Technology Limited, O=Taiwan Shui Mu Chih Ching Technology Limited, L=Taipei City, S=Taiwan, C=TW

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

1121003857AB2AD439A7293EF2F1A8B3DCB6

File PE Metadata

Compilation timestamp:

8/22/2014 7:16:11 AM

OS version:

6.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

11.0

CTPH (ssdeep):

6144:h0gzDQAkEe4aV95GCqqpEejX+yrFUtERzU982Vz4labD+b1pzW25PhAgFLILB:qgzDQAkEe4aV95GCdrqyrFUmRzt2Vr

Entry address:

0x2B9FF

Entry point:

55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, CA, 04, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 10, 68, C8, 44, 03, 10, E8, C2, 05, 00, 00, 33, C0, 40, 8B, F0, 89, 75, E4, 33, DB, 89, 5D, FC, 8B, 7D, 0C, 89, 3D, 40, 92, 03, 10, 89, 45, FC, 85, FF, 75, 0C, 39, 3D, A4, 92, 03, 10, 0F, 84, D4, 00, 00, 00, 3B, F8, 74, 05, 83, FF, 02, 75, 38, A1, F0, 43, 03, 10, 85, C0, 74, 0E, FF, 75, 10, 57, FF, 75, 08, FF, D0, 8B, F0, 89, 75, E4, 85, F6, 0F, 84, B1, 00, 00, 00... 
[+]

Entropy:

6.4118

Developed / compiled with:

Microsoft Visual C++

Code size:

172.5 KB (176,640 bytes)

The file ssleay32.dll has been discovered within the following program.

Picexa by Taiwan Shui Mu Chih Ching Technology Limited.

About 2% of users remove it

Remove ssleay32.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.