» swdir_1207148.dll
Overview
Analysis
File Details
Behaviors (4)
Programs (1)
Downloads (1)

swdir_1207148.dll

Shockwave

Adobe Systems Incorporated

This is installed with Adobe Shockwave Player. The file has been seen being downloaded from new.dll-dll.com.

File name:

swdir_1207148.dll

Publisher:

Adobe Systems, Inc. (signed by Adobe Systems Incorporated)

Product:

Shockwave

Description:

Shockwave ActiveX Control

Version:

12.0.7r148

MD5:

7ec8511e362f51e17fec14e739cc3266

SHA-1:

f71d24a28aa698d957fa87c986407c0896549692

SHA-256:

9059a9636d837dc1b2477f28bdb34ee2b49fd0870b2cf28d171d8cc81551b98d

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/26/2024 3:31:35 PM UTC (today)

File size:

387.9 KB (397,200 bytes)

Product version:

12.0.7 Development

Trademarks:

Director® is a registered trademark and Shockwave(tm) is a trademark of Adobe Systems, Inc.

Original file name:

SwDir.dll

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Common path:

C:\Windows\System32\adobe\director\swdir_1207148.dll

Digital Signature

Signed by:

Adobe Systems Incorporated

Authority:

VeriSign, Inc.

Valid from:

2/27/2013 6:00:00 PM

Valid to:

3/1/2014 5:59:59 PM

Subject:

CN=Adobe Systems Incorporated, OU=Digital ID Class 3 - Microsoft Software Validation v2, OU=Shockwave Player, O=Adobe Systems Incorporated, L=San Jose, S=California, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

5D3841BF447916AC15B84DD176B2A358

File PE Metadata

Compilation timestamp:

12/5/2013 3:02:47 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

12288:HZfoy3DGNKoXEjauQrT+djgLTGOV+199vkI:5AyzGNK2jjn8p

Entry address:

0x1DF25

Entry point:

8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 8D, 64, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 6A, 08, 68, B8, 18, 23, 69, E8, 9C, 00, 00, 00, E8, CE, 27, 00, 00, 8B, 40, 78, 85, C0, 74, 16, 83, 65, FC, 00, FF, D0, EB, 07, 33, C0, 40, C3, 8B, 65, E8, C7, 45, FC, FE, FF, FF, FF, E8, C4, 2D, 00, 00, E8, B5, 00, 00, 00, C3, E8, A1, 27, 00, 00, 8B, 40, 7C, 85, C0, 74, 02, FF, D0, E9, B4, FF, FF, FF, 6A, 08, 68, D8, 18, 23, 69, E8, 50, 00, 00, 00, FF, 35, D0, 56, 23... 
[+]

Entropy:

5.8918

Code size:

160.5 KB (164,352 bytes)

2 Safe for Initializing Controls

CLSID:

{166B1BCA-3F9C-11CF-8075-444553540000}

CLSID name:

Shockwave ActiveX Control

CLSID:

{233C1507-6A77-46A4-9443-F871F945D258}

CLSID name:

Shockwave ActiveX Control

2 Safe for Scripting Controls

Name:

{166B1BCA-3F9C-11CF-8075-444553540000}

Name:

{233C1507-6A77-46A4-9443-F871F945D258}

The file swdir_1207148.dll has been discovered within the following program.

Adobe Shockwave Player by Adobe Systems Incorporated

Adobe Shockwave (formerly Macromedia Shockwave) is a multimedia platform used to add animation and interactivity to web pages.

www.adobe.com

11% remove it

The file swdir_1207148.dll has been seen being distributed by the following URL.

http://new.dll-dll.com/.../SwDir_1207148.dll

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.