home

startisback32.dll

StartIsBack

ikimi

It is registered as a context menu handler (displays a menu when right-clicked in Explorer) named “{a2a9545d-a0c2-42b4-9708-a0b2badd77c9}”.
Publisher:
www.startisback.com  (signed by ikimi)

Product:
StartIsBack

Description:
StartIsBack+ brains and soul

Version:
3.0.4

MD5:
34d161346b84cd3f16abbbfad2eedc17

SHA-1:
3e08e088fe38aa8363cd31525e661a3032b7f591

SHA-256:
ad3ed276e9a24633f9736a7f2c55ad05d8cc3db4bf8bce809e5adafb263c7421

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/10/2024 3:05:02 AM UTC  (today)

File size:
438.2 KB (448,728 bytes)

Product version:
3.0.4

Copyright:
Copyright (C) 2013+, Tihiy

Original file name:
STARTISBACK.NEXT.dll

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Program Files\startisback\startisback32.dll

Digital Signature
Signed by:
ikimi

Authority:
Unizeto Technologies S.A.

Valid from:
8/11/2013 1:00:34 AM

Valid to:
8/11/2014 1:00:34 AM

Subject:
E=ikimi@live.shop.edu.cn, CN="Open Source Developer, ikimi", OU=ABC, O=ikimi, C=CN

Issuer:
CN=Certum Level III CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL

Serial number:
4813EE4F1B085EA1FE501D167C210705

File PE Metadata
Compilation timestamp:
11/6/2013 2:05:50 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
3072:I/ET2OBYNVeEOKQv559YzLh7ihXGMRZYWjdWrIM72PH13LgGXcun5+J5Gbd2FQ+2:x2OBQPQNyBiF472PxBCe

Entry address:
0x1C4F0

Entry point:
55, 8B, EC, 8B, 45, 0C, 48, 0F, 85, EA, 00, 00, 00, 53, 56, 8B, 75, 08, 56, FF, 15, B8, 20, 02, 6C, 8B, 1D, FC, 24, 02, 6C, 6A, 43, 89, 35, 48, 04, 03, 6C, FF, D3, 8B, 35, D0, 22, 02, 6C, 85, C0, 74, 5D, 8D, 45, 08, 50, 8D, 4D, 0C, 51, 6A, 00, 6A, 10, 68, F4, B6, 02, 6C, 68, 9C, 9C, 02, 6C, 68, 01, 00, 00, 80, C7, 45, 0C, 00, 00, 00, 00, C7, 45, 08, 04, 00, 00, 00, FF, D6, 8D, 55, 08, 52, 8D, 45, 0C, 50, 6A, 00, 6A, 10, 68, F4, B6, 02, 6C, 68, 9C, 9C, 02, 6C, 68, 02, 00, 00, 80, C7, 45, 08, 04, 00, 00, 00...
 
[+]

Entropy:
6.0061

Developed / compiled with:
Microsoft Visual C++

Code size:
129 KB (132,096 bytes)

Context Menu Handler
Display name:
{a2a9545d-a0c2-42b4-9708-a0b2badd77c9}

CLSID:
{a2a9545d-a0c2-42b4-9708-a0b2badd77c9}


Scan startisback32.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.