» tsax.dll
Overview
Analysis
File Details
Downloads (1)

tsax.dll

File name:

tsax.dll

MD5:

de11d4d0e0ea3dc365ddb7beef547f7c

SHA-1:

23c4c5fd0d412a08cad055f15daba10b45734350

SHA-256:

19f9d93365f01ac30969514951528fe4cae8dd0e8ba4899bd9486b0e836825a6

Scanner detections:

8 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

4/19/2024 10:53:33 AM UTC (today)

Scan engine

Detection

Engine version

Arcabit

Trojan.Heur.LP.E2A42A

1.0.0.590

Bitdefender

Gen:Trojan.Heur.LP.SO4@aiWT5Wg

1.0.20.140

Bkav FE

HW32.Packed

1.3.0.7383

Emsisoft Anti-Malware

Gen:Trojan.Heur.LP.SO4@aiWT5Wg

8.16.01.28.04

F-Secure

Gen:Trojan.Heur.LP.SO4@aiWT5Wg

11.2016-28-01_5

G Data

Gen:Trojan.Heur.LP.SO4@aiWT5Wg

16.1.25

K7 AntiVirus

Trojan

13.212.17783

MicroWorld eScan

Gen:Trojan.Heur.LP.SO4@aiWT5Wg

17.0.0.84

File size:

711 KB (728,064 bytes)

File type:

Dynamic link library (Win32 DLL)

Common path:

C:\users\{user}\downloads\tsax.dll

File PE Metadata

Compilation timestamp:

8/4/2014 11:12:06 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

12288:Hf3JZ5Pm6u8ZHKyT+DJgw7M1FjuHqrTVx+GZvN/JSFHAAd4j2egJs7aa9ixPMbUr:Hf39e/8ZHZZpf6GHJSF/4i7il4hMg

Entry address:

0x152DAF

Entry point:

E8, 79, 0F, F6, FF, 8D, 64, 24, 2C, E8, 20, F0, FF, FF, E9, 37, F2, FF, FF, C6, 04, 24, 47, 66, C7, 04, 24, DE, 5B, 88, 45, FE, 88, 6C, 24, 04, 8D, 64, 24, 20, E9, CB, F9, FF, FF, E2, 14, 49, 77, A2, EA, 21, B6, 23, EB, BF, 6C, 83, 57, 34, 76, 55, 00, 5C, C5, AB, F1, F2, 22, B3, 72, BA, FC, 31, 9C, F9, 2F, E7, 9D, EA, 00, A1, 84, 4F, B0, 6A, F6, 36, 2E, 7E, 04, 86, 34, B4, 63, 39, F4, C6, 10, F5, 39, D0, 0E, 0A, F4, 97, D7, 8A, C2, 2F, 6F, 78, F2, 50, E4, 5F, 99, 44, 68, A1, 43, 7C, 4D, DC, 44, 63, 60, D8... 
[+]

Entropy:

7.9812 (probably packed)

Code size:

20.5 KB (20,992 bytes)

The file tsax.dll has been seen being distributed by the following URL.

https://docviewer.yandex.com/source?id=ltssu-68za4wa0ncc6i40ioblun146oxllcqw4yy4ajw4l8z56r6jw4qyuk6smyaibw326ui5l7hfqhboalfpitl62ur2r5bd0jc89mli&archive-path=//TSAX.dll&ts=14ef14c2c5d&token=EGiJX0wjXl0FkdATsmJ18g==&name=calterm.7z

Scan tsax.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.