» stanli.dll
Overview
Analysis
File Details
Downloads (7)

stanli.dll

File name:

stanli.dll

MD5:

7c20b779da121d359968f38801dbe6c7

SHA-1:

0954a9d3a8f1110d9b11ad02244b09830e6ae975

SHA-256:

2e33154ef6cac262febc288aba50978464a99ae726aa501e6ab03f92187c7978

Scanner detections:

2 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

5/6/2024 4:59:49 PM UTC (today)

Scan engine

Detection

Engine version

Dr.Web

Trojan.Siggen6.53545

9.0.1.05190

Qihoo 360 Security

HEUR/QVM29.0.Malware.Gen

1.0.0.1077

File size:

1.1 MB (1,106,944 bytes)

File type:

Dynamic link library (Win32 DLL)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\offset\stanli.dll

File PE Metadata

Compilation timestamp:

12/4/2015 9:44:26 PM

OS version:

6.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

12.0

CTPH (ssdeep):

12288:eU8hexIj2/BHyj4zznnfODwg40nznQm1n7M/iE6BoRkZ916rQDD7v38D5sxq1LM7:/ROj0u17YbRSf6G/v38yxyLMkuCvjC

Entry address:

0x69F7D

Entry point:

E9, 2E, 77, 06, 00, E9, 19, FB, 05, 00, E9, 1A, EF, 0C, 00, E9, 0F, 26, 02, 00, E9, 7A, 24, 02, 00, E9, 55, 15, 08, 00, E9, E0, 9B, 07, 00, E9, 9B, 96, 04, 00, E9, 46, 7F, 06, 00, E9, 11, E9, 03, 00, E9, 4C, 55, 0A, 00, E9, 97, 86, 02, 00, E9, 52, 8F, 01, 00, E9, 1D, 57, 06, 00, E9, 18, A7, 01, 00, E9, F3, 9B, 04, 00, E9, 1E, EB, 00, 00, E9, 89, A3, 01, 00, E9, 94, 1B, 01, 00, E9, BF, F3, 00, 00, E9, 8A, 1F, 06, 00, E9, 85, B5, 0A, 00, E9, 40, 79, 07, 00, E9, DB, 0B, 06, 00, E9, 26, 3D, 05, 00, E9, 71, 1D... 
[+]

Entropy:

5.6712

Developed / compiled with:

Microsoft Visual C++ 8.0 (Debug)

Code size:

878 KB (899,072 bytes)

The file stanli.dll has been seen being distributed by the following 7 URLs.

http://download1502.mediafire.com/r34928sfe5ag/.../Offset.dll

http://download1382.mediafire.com/cufelfn6agrg/.../Offset.dll

http://download1382.mediafire.com/j1a06ahi3r5g/.../Offset.dll

http://download825.mediafire.com/kavkjls9icjg/.../Offset.dll

http://download1502.mediafire.com/um3a7jl3l8qg/.../Offset.dll

https://www.dropbox.com/s/.../Offset.dll?dl=1

http://download1382.mediafire.com/moffarsdnshg/.../Offset.dll

Scan stanli.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.