home

waterlib.dll

Huayou Technology Co., Ltd.

Publisher:
上饶市华游科技有限公司  (signed by Huayou Technology Co., Ltd.)

Description:
Water For Inno Setup Plug

Version:
2.1.0.0

MD5:
e93459b817d6ea03466b214c393ee6e6

SHA-1:
ea3fac190d2e946f632ff9689c96b48b2f850733

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/23/2024 12:02:20 PM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Packed/PECompact
7.1.1

Comodo Security
TrojWare.Win32.TrojanDownloader.Dadobra.~JH9
17251

File size:
488.8 KB (500,504 bytes)

Product version:
2.1.0.1

Copyright:
Copyright (C) 2008-2011

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Documents and Settings\{user}\Local settings\temp\{random}.tmp\waterlib.dll

Digital Signature
Signed by:
Huayou Technology Co., Ltd.

Authority:
WoSign eCommerce Services Limited

Valid from:
9/24/2013 10:02:12 PM

Valid to:
9/27/2014 4:27:20 PM

Subject:
E=1532389386@qq.com, CN="Huayou Technology Co., Ltd.", O="Huayou Technology Co., Ltd.", L=Shangrao, S=Jiangxi, C=CN

Issuer:
CN=WoSign Class 3 Code Signing CA, O=WoSign eCommerce Services Limited, C=CN

Serial number:
0A34A512001E06

File PE Metadata
Compilation timestamp:
11/7/2013 11:00:09 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:NtIA92Cyh9q0nZ1bmBc/VLxt+cXSySKC95wtoC29M1iPC:NCQmkKbH1xkcXShKCkt+Mgq

Entry address:
0x477C8

Entry point:
B8, 78, D9, 0D, 10, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, DE, 92, FD, 84, 1E, ED, F2, E2, E1, 55, D1, F7, 0C, 58, FE, 7D, 6B, 26, 3B, DB, BB, 33, 74, A4, D7, 57, 0D, 30, 50, 79, 56, 86, 75, AE, 8E, 74, E7, 89, 14, ED, 4A, BF, 8E, 67, FB, 3D, 8E, 82, 3F, 54, 21, F5, CB, C3, 10, CC, 3D, 5E, D0, 0E, C9, A2, 5E, 0F, CD, 79, 18, C5, A5, 3A, 46, 39, 38, D8, AE, A5, BE, 01, B0, 4F, C8, 52, CA, 40, 3E, 03, 37, 1C, 90, 8E, AE, 8A, 65...
 
[+]

Entropy:
7.9940

Packer / compiler:
PECompact v2

Code size:
846 KB (866,304 bytes)

Scan waterlib.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.