home

XGDI.dll

网易POPO

Netease(Hangzhou) Network Co.Ltd.

Publisher:
网易公司  (signed by Netease(Hangzhou) Network Co.Ltd.)

Product:
网易POPO

Description:
网易POPO动态链接库

Version:
1.0.0.1

MD5:
0441370249750597589663e34aea3193

SHA-1:
47793dba8845211af86692b75566db2b5120ef87

SHA-256:
2fc233366a57df08277f30db594121aa2059fec831afeeab34887b54b79939e0

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/19/2024 12:32:56 AM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
W32/Ramnit.C
7.11.30.172

File size:
364.7 KB (373,480 bytes)

Product version:
1.0.0.1

Copyright:
网易公司版权所有 (C) 1997-2012

Original file name:
XGDI.dll

File type:
Dynamic link library (Win32 DLL)

Language:
Chinese (Simplified, China)

Common path:
C:\Program Files\netease\popo\xgdi.dll

Digital Signature
Signed by:
Netease(Hangzhou) Network Co.Ltd.

Authority:
VeriSign, Inc.

Valid from:
6/25/2010 5:30:00 AM

Valid to:
6/25/2013 5:29:59 AM

Subject:
CN=Netease(Hangzhou) Network Co.Ltd., OU=Netease(Hangzhou), OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Netease(Hangzhou) Network Co.Ltd., L=Hangzhou, S=Zhejiang, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
3D8510B4C5BC9C4989238C1C0559F1D9

File PE Metadata
Compilation timestamp:
11/20/2012 12:35:59 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:ffqCYSX4/Q7+R2zdJK5GAarHH6vkmI3i6UPlA8lTBHQO1vvLdPw1:L7rzdYYrUk7UPlA8lThzw1

Entry address:
0x4D8B6

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, C0, 05, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, CC, FE, FF, FF, 59, 5D, C2, 0C, 00, CC, FF, 25, 68, F1, 04, 10, FF, 25, 74, F1, 04, 10, FF, 25, 78, F1, 04, 10, FF, 25, 7C, F1, 04, 10, FF, 25, 84, F1, 04, 10, 6A, 14, 68, 60, 46, 05, 10, E8, 04, 05, 00, 00, 83, 65, FC, 00, FF, 4D, 10, 78, 3A, 8B, 4D, 08, 2B, 4D, 0C, 89, 4D, 08, FF, 55, 14, EB, ED, 8B, 45, EC, 89, 45, E4, 8B, 45, E4, 8B, 00, 89, 45, E0, 8B, 45, E0, 81, 38, 63, 73, 6D, E0, 74, 0B, C7, 45...
 
[+]

Entropy:
6.4646

Code size:
308.5 KB (315,904 bytes)

Scan XGDI.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.