home

TaskAuditModule.dll

Mandiant Intelligent Response

MANDIANT Corporation

Publisher:
MANDIANT Corporation  (signed and verified)

Product:
Mandiant Intelligent Response

Description:
MIR Task Audit Module

Version:
1.3.10.0

MD5:
eff857c2d56a7ddc23d69d261a0dcfe0

SHA-1:
7208397e413e82aa3e770ff56842d36062b4109e

SHA-256:
049f96e1bfd8fa2e686583bab426be4044cae2aad840d75028f0d201e8fb54d2

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 5:05:51 AM UTC  (today)

File size:
92.6 KB (94,864 bytes)

Product version:
1.3.3

Copyright:
Copyright © 2009 Mandiant Corporation

Original file name:
TaskAuditModule.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\mandiant\mandiant intelligent response agent\modules\taskauditmodule.dll

Digital Signature
Signed by:
MANDIANT Corporation

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
1/16/2008 5:00:00 PM

Valid to:
11/13/2009 4:59:59 PM

Subject:
CN=MANDIANT Corporation, OU=PRODUCT DEVELOPMENT, O=MANDIANT Corporation, L=Alexandria, S=Virginia, C=US

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
0A0BBDDED69A6C6303CF5641FCD39FBC

File PE Metadata
Compilation timestamp:
9/12/2009 6:16:35 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
1536:Abs1aS3GPkISx2O7Dz5RkqrNk+XtN+8EjQh8oY5:AbslDVmoXtzRhk

Entry address:
0x36FE

Entry point:
83, 7C, 24, 08, 01, 75, 05, E8, 6C, 33, 00, 00, FF, 74, 24, 04, 8B, 4C, 24, 10, 8B, 54, 24, 0C, E8, ED, FE, FF, FF, 59, C2, 0C, 00, 8B, C1, 8B, 4C, 24, 04, C7, 00, 44, ED, 00, 10, 8B, 09, 83, 60, 08, 00, 89, 48, 04, C2, 08, 00, 53, 8B, 5C, 24, 08, 56, 8B, F1, C7, 06, 44, ED, 00, 10, 8B, 43, 08, 89, 46, 08, 85, C0, 8B, 43, 04, 57, 74, 31, 85, C0, 74, 27, 50, E8, 13, 34, 00, 00, 8B, F8, 47, 57, E8, 17, 02, 00, 00, 85, C0, 59, 59, 89, 46, 04, 74, 18, FF, 73, 04, 57, 50, E8, 91, 33, 00, 00, 83, C4, 0C, EB, 09...
 
[+]

Entropy:
5.7106

Code size:
48 KB (49,152 bytes)

Scan TaskAuditModule.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.