home

y7csel.dll

yessign7 Certselect DLL Module

yessign

Publisher:
금융결제원  (signed by yessign)

Product:
yessign7 Certselect DLL Module

Version:
1, 0, 1, 14

MD5:
fb2fc0ca761ac6fd726474f868037bdc

SHA-1:
c91cab52a8cc7cad638d822e66090d31c32ba21f

SHA-256:
f220d2b93bb603f4e0cf1109f169ce09b0c44f168e6876eaadab9e9458af3666

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/24/2024 9:52:32 PM UTC  (today)

Scan engine
Detection
Engine version

Trend Micro House Call
TROJ_GEN.F47V1003
7.2.355

File size:
737.7 KB (755,368 bytes)

Product version:
1, 0, 1, 14

Copyright:
Copyright (C) 2010

Original file name:
y7csel.dll

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\windows\syswow64\y7csel.dll

Digital Signature
Signed by:
yessign

Authority:
yessign

Valid from:
8/13/2012 12:00:00 AM

Valid to:
9/6/2014 11:58:59 PM

Subject:
CN=금융결제원(KFTC), OU=02201009060001, OU=code-sign, O=yessign, C=kr

Issuer:
CN=yessignCA General Class 2, OU=AccreditedCA, O=yessign, C=kr

Serial number:
068A94510546D7BABC1C

File PE Metadata
Compilation timestamp:
7/2/2013 2:46:19 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:dy8ZEgXElfjFTNTlRfFdkWOZmNGsLQqVhjHOoYP1crf2phm:dy4EYElfjFTxlRfnkWOZmNycrp

Entry address:
0x59507

Entry point:
55, 8B, EC, 53, 8B, 5D, 08, 56, 8B, 75, 0C, 57, 8B, 7D, 10, 85, F6, 75, 09, 83, 3D, 44, FA, 07, 10, 00, EB, 26, 83, FE, 01, 74, 05, 83, FE, 02, 75, 22, A1, A4, E0, 07, 10, 85, C0, 74, 09, 57, 56, 53, FF, D0, 85, C0, 74, 0C, 57, 56, 53, E8, 15, FF, FF, FF, 85, C0, 75, 04, 33, C0, EB, 4E, 57, 56, 53, E8, 8E, FB, FF, FF, 83, FE, 01, 89, 45, 0C, 75, 0C, 85, C0, 75, 37, 57, 50, 53, E8, F1, FE, FF, FF, 85, F6, 74, 05, 83, FE, 03, 75, 26, 57, 56, 53, E8, E0, FE, FF, FF, 85, C0, 75, 03, 21, 45, 0C, 83, 7D, 0C, 00...
 
[+]

Entropy:
6.6852

Developed / compiled with:
Microsoft Visual C++ 6.0

Code size:
364 KB (372,736 bytes)

ActiveX Install
Name:
{B0A75875-3622-48BA-B5FF-45AD77AC2D0E}


Scan y7csel.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.