» [www.oldschoolhack.de]_vdveu.dll
Overview
Analysis
File Details
Downloads (3)

[www.oldschoolhack.de]_vdveu.dll

File name:

MD5:

950ef53c163a878897adecfdf120e699

SHA-1:

1a5b49be856b19801da5489098370c53de4e5fd0

SHA-256:

583aead0af17c29ecf3bd167816621ef43c260e000ae78c3d8a5a76d61ca3f4a

Scanner detections:

3 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

5/12/2024 1:54:09 AM UTC (today)

Scan engine

Detection

Engine version

IKARUS anti.virus

not-a-virus:Monitor.Win32.Perflogger

t3scan.1.6.1.0

Kaspersky

not-a-virus:Monitor.Win32.Perflogger

14.0.0.3896

Trend Micro House Call

TROJ_GEN.R08NH07D514

7.2.128

File size:

1.2 MB (1,253,376 bytes)

File type:

Dynamic link library (Win32 DLL)

Common path:

C:\users\{user}\downloads\[www.oldschoolhack.de]_vdveu.dll

File PE Metadata

Compilation timestamp:

3/11/2014 10:23:20 PM

OS version:

6.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

83.82

CTPH (ssdeep):

24576:QI0KMdAQy8LRFGkTrQ08MpIiYjTKb+a3QB:QH4SRFGkTzpIiYfKb+Q2

Entry address:

0x80FD5

Entry point:

83, 7C, 24, 08, 01, 75, 05, E8, AE, 8C, 00, 00, FF, 74, 24, 04, 8B, 4C, 24, 10, 8B, 54, 24, 0C, E8, ED, FE, FF, FF, 59, C2, 0C, 00, 6A, 0C, 68, 40, DF, 0C, 10, E8, FA, 56, 00, 00, 83, 65, E4, 00, 8B, 75, 08, 3B, 35, 90, 1B, 0D, 10, 77, 22, 6A, 04, E8, B1, 4B, 00, 00, 59, 83, 65, FC, 00, 56, E8, F3, 53, 00, 00, 59, 89, 45, E4, C7, 45, FC, FE, FF, FF, FF, E8, 09, 00, 00, 00, 8B, 45, E4, E8, 06, 57, 00, 00, C3, 6A, 04, E8, AE, 4A, 00, 00, 59, C3, 55, 8B, 6C, 24, 08, 83, FD, E0, 0F, 87, 9F, 00, 00, 00, 53, 8B... 
[+]

Entropy:

7.1117

Code size:

596 KB (610,304 bytes)

The file [www.oldschoolhack.de]_vdveu.dll has been seen being distributed by the following 3 URLs.

http://www.unknowncheats.me/.../downloads.php?do=file&id=11219&act=down&actionhash=1472172726-97ccf50d0a368fa6c8b07bfef73cb35405b9453e

http://www.unknowncheats.me/.../downloads.php?do=file&id=11219&act=down&actionhash=1463731897-03fdd20cbf2997a297fca9b5bac22e4746a93aa4

http://www.unknowncheats.me/.../downloads.php?do=file&id=11219&act=down&actionhash=1451160302-0c59c9e511941f09a523d99cfd19375c375aa6ae

Scan [www.oldschoolhack.de]_vdveu.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.