» system.data.sqlite.dll
Overview
Analysis
File Details

system.data.sqlite.dll

System.Data.SQLite

Pass Revelator

SQLite3.DLL 3.6.16 is the .NET interop wrapper for the native SQLite library to connect to and manage a SQLite database and is recompiled by Pass Revelator. The module system.data.sqlite.dll, “System.Data.SQLite Interop Library” by Pass Revelator has been detected as adware by 5 anti-malware scanners. Note, this is a common distributed file and although it has been detected it might not be a threat is un-coupled from its distribution source.

File name:

Publisher:

Pass Revelator (signed and verified)

Product:

System.Data.SQLite

Description:

System.Data.SQLite Interop Library

Version:

1.0.65.0

MD5:

85081b52f039f9cb004a6ecb3f89f9c1

SHA-1:

7cdc512b680836b769e6270c89dd955a6c7881d3

SHA-256:

b749aaa19e345031491a0ee12969fab4e2781012446b0f76bef9c5d099b72f7d

Scanner detections:

5 / 68

Status:

Adware

Explanation:

While this SQLite file itself is not dangerous, it is part of a program that has been detected as potentially unwanted or malicious.

Analysis date:

4/27/2024 1:17:11 AM UTC (today)

Scan engine

Detection

Engine version

Kaspersky

not-a-virus:Downloader.Win32.Agent

14.0.0.3477

Qihoo 360 Security

Win32/Virus.Downloader.629

1.0.0.1015

Quick Heal

Downloader.Agent.r5 (Not a Virus)

7.14.14.00

Reason Heuristics

PUP.ResignedInterop.PassRevelator.Q

14.8.31.22

Trend Micro House Call

Suspicious_GEN.F47V0625

7.2.212

File size:

869.9 KB (890,776 bytes)

Product version:

1.0

Released to the public domain

Original file name:

SQLite3.DLL 3.6.16

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Digital Signature

Signed by:

Pass Revelator

Authority:

COMODO CA Limited

Valid from:

10/16/2013 5:00:00 PM

Valid to:

10/17/2015 4:59:59 PM

Subject:

CN=Pass Revelator, O=Pass Revelator, STREET=12 rue de Bercy, L=PARIS, S=Outside United States, PostalCode=75012, C=FR

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00D37B33CFAC6554AC36A251FA8F91F977

File PE Metadata

Compilation timestamp:

7/26/2009 5:24:56 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

12288:uQOzN2/IHPxPbx8YwkbXFl8a6PifS8t7YncnfrDc2Z0dwMHs9nFNFGFOFwcGF6cE:lukIHPJKYLvFGifS8t7uczrfD

Entry address:

0x9EC22

Entry point:

FF, 25, BC, F1, 09, 10, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

6.8597

Code size:

631.5 KB (646,656 bytes)

Remove system.data.sqlite.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.