TrojanKillerDll.dll

Zhengtu Trojan Detection Module (征途木马检测模块)

Shanghai Giant Network Technology Co., Ltd.

Publisher:
上海征途网络科技有限公司  (signed by Shanghai Giant Network Technology Co., Ltd.)

Product:
Zhengtu Trojan Detection Module (征途木马检测模块)

Version:
1, 0, 1, 90

MD5:
4cdeda534b40dc8dbcd3b70125e5f784

SHA-1:
9440b33beea2fc1276bec572df36fe302d032baa

SHA-256:
79ca96daaa4300c5f3bb5a11e8b9f3b2c53ab1332a2f1c4efff4e72fe62c605a

Scanner detections:
3 / 68

Status:
Clean  (3 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous); the file is probably malware-free.

Analysis date:
4/19/2024 12:50:05 PM UTC

Scan engine | Detection | Engine version
Agnitum Outpost | Packed/Themida | 7.1.1
Bkav FE | HW32.Packed | 1.3.0.7383
K7 AntiVirus | Trojan | 13.212.18079

File size:
1.2 MB (1,215,688 bytes)

Product version:
1, 0, 1, 90

Copyright:
上海征途网络科技有限公司, all rights reserved (C) 2006

Original file name:
TrojanKillerDll.dll

File type:
Dynamic link library (Win32 DLL)

Language:
Chinese (Simplified, PRC)

Common path:
C:\users\{user}\downloads\tanchinhdo 2.5\tanchinhdo 2.5\trojankillerdll.dll

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
1/12/2010 7:00:00 AM

Valid to:
1/12/2013 6:59:59 AM

Subject:
CN="Shanghai Giant Network Technology Co., Ltd.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Shanghai Giant Network Technology Co., Ltd.", L=Shanghai, S=Shanghai, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
66381371086FA9E44FCE46BC758057FB

File PE Metadata
Compilation timestamp:
2/3/2009 11:14:30 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
24576:x3pK7VCTw38Ujz9Srqt56f4PCZngSAFeV8zus+W4/lmxZfr:xpKMksGBTj6f4kgOKwZufr

Entry address:
0x1B014

Entry point:
B8, 00, 00, D6, 05, 60, 0B, C0, 74, 68, E8, 00, 00, 00, 00, 58, 05, 53, 00, 00, 00, 80, 38, E9, 75, 13, 61, EB, 45, DB, 2D, 37, B0, 01, 10, FF, FF, FF, FF, FF, FF, FF, FF, 3D, 40, E8, 00, 00, 00, 00, 58, 25, 00, F0, FF, FF, 33, FF, 66, BB, 19, 5A, 66, 83, C3, 34, 66, 39, 18, 75, 12, 0F, B7, 50, 3C, 03, D0, BB, E9, 44, 00, 00, 83, C3, 67, 39, 1A, 74, 07, 2D, 00, 10, 00, 00, EB, DA, 8B, F8, B8, 58, 52, 13, 00, 03, C7, B9, 6D, B2, 01, 00, 03, CF, EB, 0A, B8, 58, 52, 13, 10, B9, 6D, B2, 01, 10, 50, 51, E8, 87...
 
Entropy:
7.7592

Packer / compiler:
Themida/WinLicense V1.8.0.2 +

Code size:
64 KB (65,536 bytes)
