home

userenv.dll

Microsoft Windows Operating System

Microsoft Corporation

It is included with Windows XP (SP2). The file has been seen being downloaded from www.certpia.com.
Publisher:
Microsoft Corporation

Product:
Microsoft(R) Windows(R) Operating System

Description:
Userenv

 
Part of the Windows XP (Service Pack 2) Operating System

Version:
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

MD5:
6953187237981df20b7da17f34ebfbbc

SHA-1:
abb6d3c8c538c57a14a381d331ca4e781729e6a8

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
5/6/2024 12:39:01 PM UTC  (today)

File size:
693 KB (709,632 bytes)

Product version:
5.1.2600.2180

Copyright:
(C)Microsoft Corporation. All rights reserved.

Original file name:
userenv.dll

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Windows\System32\userenv.dll

Registration
CLSID:
{B3FF88A4-96EC-4CC1-983F-72BE0EBB368B}

COM registered:
Yes

File PE Metadata
Compilation timestamp:
8/4/2004 4:52:50 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
12288:4mPCe2OigOw/Thw8UpH5Errz3bDuTPIf8yTyKJyiOGrr:4mPCZ8UparDGKJKG

Entry address:
0x15D4

Entry point:
8B, FF, 55, 8B, EC, 53, 8B, 5D, 08, 56, 8B, 75, 0C, 85, F6, 57, 8B, 7D, 10, 0F, 84, EA, 04, 00, 00, 83, FE, 01, 0F, 85, ED, 04, 00, 00, A1, 38, 04, A5, 75, 85, C0, 0F, 85, A3, 85, 03, 00, 57, 56, 53, E8, 59, FF, FF, FF, 85, C0, 0F, 84, A0, 85, 03, 00, 57, 56, 53, E8, 23, 00, 00, 00, 83, FE, 01, 89, 45, 0C, 0F, 85, D5, 04, 00, 00, 85, C0, 0F, 84, 8B, 85, 03, 00, 8B, 45, 0C, 5F, 5E, 5B, 5D, C2, 0C, 00, 90, 90, 90, 90, 90, 8B, FF, 55, 8B, EC, 81, EC, 0C, 02, 00, 00, A1, B4, 03, A5, 75, 56, 8B, 75, 08, 89, 45...
 
[+]

Entropy:
5.8282

Code size:
634 KB (649,216 bytes)

The file userenv.dll has been seen being distributed by the following URL.

http://www.certpia.com/upfile/ocx/.../userenv.dll

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.