home

warpcore2.dll

Fly Elise-ng

Publisher:
Fly Elise-ng  (signed and verified)

MD5:
2f579d305f5d03b816f103310cf3aadd

SHA-1:
c6524fd2baeb8da22dee351db8f54a8f33aae19a

SHA-256:
392b853875f18e5070c1e456527f36f85c75dba73491a5411a1a485f78115417

Scanner detections:
7 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/19/2024 8:49:07 AM UTC  (today)

Scan engine
Detection
Engine version

AVG
Win32/Heur
2016.0.2956

Comodo Security
UnclassifiedMalware
21321

ESET NOD32
Win32/Packed.Enigma.AAA (variant)
9.11282

Fortinet FortiGate
W32/Generic
10/14/2015

IKARUS anti.virus
Virus.Win32.Heur
t3scan.1.8.6.0

McAfee
Artemis!2F579D305F5D
5600.6612

Total Defense
Win32/Ramnit.DW
37.0.11481

File size:
910.6 KB (932,448 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\downloads\idisplaylite2\install\warpcore2.dll

Digital Signature
Signed by:
Fly Elise-ng

Authority:
COMODO CA Limited

Valid from:
2/18/2013 1:00:00 AM

Valid to:
2/19/2015 12:59:59 AM

Subject:
CN=Fly Elise-ng, O=Fly Elise-ng, STREET=Grasstrook 24, L=Eindhoven, S=Noord-Brabant, PostalCode=5658 HG, C=NL

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
028EC5E313569430CBC13EFE3F4BA406

File PE Metadata
Compilation timestamp:
5/24/2013 11:10:41 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
12288:mi3Yd8noBHqfEpbW5wwyPImzQ/+afpnRyY9jjU8j9jGVxKCb6O4qQ+lqag9u0mCI:mrgmb0wwuFQZfpcYRzpjGVjwFa3Cu6OD

Entry address:
0x43C474

Entry point:
60, E8, 00, 00, 00, 00, 5D, 81, ED, 06, 00, 00, 00, 81, ED, 74, C4, 43, 00, E9, 4C, 00, 00, 00, 45, 4E, 49, 47, 4D, 41, 02, 00, DD, 07, 05, 00, 18, 00, 15, 00, 0B, 00, 1F, 00, 1C, 86, 55, 24, AD, A8, 70, AA, 1C, C4, 58, 0A, 1E, 3E, A3, A7, B6, 18, 30, E2, 02, 00, 00, 00, 9E, EC, 56, 5F, D4, DF, 57, 32, F7, 48, D5, 05, 97, CC, A7, 13, 03, 08, D6, 13, 48, 2F, E2, CD, B0, 70, DE, F6, 07, B7, 4F, 9E, 8A, 84, 24, 28, 00, 00, 00, 80, F8, 01, 0F, 84, 07, 00, 00, 00, 61, 33, C0, 40, C2, 0C, 00, E9, 04, 00, 00, 00...
 
[+]

Packer / compiler:
ASPack v1.08.04

Code size:
347 KB (355,328 bytes)

Scan warpcore2.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.