home

ydmo5tkf.dll

Tencent Technology(Shenzhen) Company Limited

Publisher:
Tencent Technology(Shenzhen) Company Limited  (signed and verified)

MD5:
f027b01cfce6d817f255f46c8731a551

SHA-1:
a1d6790b2bed7cc22486282ce234cf13199f84ba

SHA-256:
7350480c4743fabc0b7cbdc5e7973d62f31b3da187cd6158b073702c0b13675b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 4:41:08 PM UTC  (today)

File size:
2.7 MB (2,836,960 bytes)

File type:
Dynamic link library (Win32 DLL)

Language:
Chinese (Simplified, PRC)

Common path:
C:\users\{user}\appdata\roaming\ydmo5tkf.dll

Digital Signature
Signed by:
Tencent Technology(Shenzhen) Company Limited

Authority:
VeriSign, Inc.

Valid from:
1/16/2013 6:00:00 PM

Valid to:
2/16/2016 5:59:59 PM

Subject:
CN=Tencent Technology(Shenzhen) Company Limited, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Tencent Technology(Shenzhen) Company Limited, L=shenzhen, S=guangdong, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7170BD93CF3F189AE6452B514C49340E

File PE Metadata
Compilation timestamp:
6/15/2015 6:36:05 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
49152:Ox8T1VYoTBaKgw08TeD4vqDOpop/vSHTgtENXkVA8C1jq2C4l/z5LbNpVCg2x:RpVDBaKEWqqEHSDEW1/C4l1Lb7E3

Entry address:
0x7A981

Entry point:
83, 7C, 24, 08, 01, 75, 05, E8, 80, E8, 00, 00, FF, 74, 24, 04, 8B, 4C, 24, 10, 8B, 54, 24, 0C, E8, ED, FE, FF, FF, 59, C2, 0C, 00, 6A, 0C, 68, 08, 3A, 0B, 10, E8, 12, 07, 00, 00, 33, C0, 33, F6, 39, 75, 08, 0F, 95, C0, 3B, C6, 75, 1D, E8, 40, 03, 00, 00, C7, 00, 16, 00, 00, 00, 56, 56, 56, 56, 56, E8, C4, 94, FF, FF, 83, C4, 14, 83, C8, FF, EB, 5F, E8, 57, 78, 00, 00, 6A, 20, 5B, 03, C3, 50, 6A, 01, E8, 5D, 79, 00, 00, 59, 59, 89, 75, FC, E8, 40, 78, 00, 00, 03, C3, 50, E8, 97, BB, 00, 00, 59, 8B, F8, 8D...
 
[+]

Entropy:
6.9440

Code size:
612 KB (626,688 bytes)

Scan ydmo5tkf.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.