home

y7wrapper.dll

yessign7 Wrapper DLL Module

yessign

Publisher:
금융결제원  (signed by yessign)

Product:
yessign7 Wrapper DLL Module

Version:
1, 0, 1, 14

MD5:
709fa58a3c2068f020ce81afc88d055a

SHA-1:
308d1f6085f3c8be45bd3e9169b0478b0e97e6cf

SHA-256:
183602044930670cafb96aae0bbe35777da1a197c9b8e1d1c82b456dec7e6182

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/19/2024 3:16:54 AM UTC  (today)

Scan engine
Detection
Engine version

Trend Micro House Call
TROJ_GEN.F47V1003
7.2.353

File size:
449.7 KB (460,464 bytes)

Product version:
1, 0, 1, 14

Copyright:
Copyright (C) 2010

Original file name:
y7wrapper.dll

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\windows\syswow64\y7wrapper.dll

Digital Signature
Signed by:
yessign

Authority:
yessign

Valid from:
8/13/2012 12:00:00 AM

Valid to:
9/6/2014 11:58:59 PM

Subject:
CN=금융결제원(KFTC), OU=02201009060001, OU=code-sign, O=yessign, C=kr

Issuer:
CN=yessignCA General Class 2, OU=AccreditedCA, O=yessign, C=kr

Serial number:
068A94510546D7BABC1C

File PE Metadata
Compilation timestamp:
7/2/2013 2:47:14 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:D91sc9MgWyJEoj3cUHQJML0dKVsLQqVhjHOoID92pp5:R1scqgWyJEoj3cUHIML0d8DM

Entry address:
0x4B5D9

Entry point:
55, 8B, EC, 53, 8B, 5D, 08, 56, 8B, 75, 0C, 57, 8B, 7D, 10, 85, F6, 75, 09, 83, 3D, E8, 84, 06, 10, 00, EB, 26, 83, FE, 01, 74, 05, 83, FE, 02, 75, 22, A1, F8, 84, 06, 10, 85, C0, 74, 09, 57, 56, 53, FF, D0, 85, C0, 74, 0C, 57, 56, 53, E8, 15, FF, FF, FF, 85, C0, 75, 04, 33, C0, EB, 4E, 57, 56, 53, E8, D7, 59, FB, FF, 83, FE, 01, 89, 45, 0C, 75, 0C, 85, C0, 75, 37, 57, 50, 53, E8, F1, FE, FF, FF, 85, F6, 74, 05, 83, FE, 03, 75, 26, 57, 56, 53, E8, E0, FE, FF, FF, 85, C0, 75, 03, 21, 45, 0C, 83, 7D, 0C, 00...
 
[+]

Entropy:
6.7949

Developed / compiled with:
Microsoft Visual C++ 6.0

Code size:
300 KB (307,200 bytes)

ActiveX Install
Name:
{B0A75875-3622-48BA-B5FF-45AD77AC2D0E}


Scan y7wrapper.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.