» zlib.dll
Overview
Analysis
File Details
Programs (6)
Downloads (19)

zlib.dll

File name:

zlib.dll

MD5:

d7b28fe29872954b3f1c00b31b1c7f7b

SHA-1:

1a2d3ae9a838b95fd9acc17c10cd7c01b36c8593

SHA-256:

b8be760b04bf742713bb45ab1ed97796c96bbc7f9e0d93facdb8e080021a6c2b

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/18/2024 2:49:56 PM UTC (today)

File size:

100 KB (102,400 bytes)

File type:

Dynamic link library (Win32 DLL)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\odin3-v3.04\zlib.dll

File PE Metadata

Compilation timestamp:

10/28/2005 1:42:04 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

1536:DrKIFvK48Yrcdi/Natgf9B1eT4U4XMaWsyQ88loU:HB86fv4ZYyQ88lo

Entry address:

0xD843

Entry point:

55, 8B, EC, 53, 8B, 5D, 08, 56, 8B, 75, 0C, 57, 8B, 7D, 10, 85, F6, 75, 09, 83, 3D, D0, 71, 01, 10, 00, EB, 26, 83, FE, 01, 74, 05, 83, FE, 02, 75, 22, A1, C8, 88, 01, 10, 85, C0, 74, 09, 57, 56, 53, FF, D0, 85, C0, 74, 0C, 57, 56, 53, E8, E7, FE, FF, FF, 85, C0, 75, 04, 33, C0, EB, 4E, 57, 56, 53, E8, 83, 28, 00, 00, 83, FE, 01, 89, 45, 0C, 75, 0C, 85, C0, 75, 37, 57, 50, 53, E8, C3, FE, FF, FF, 85, F6, 74, 05, 83, FE, 03, 75, 26, 57, 56, 53, E8, B2, FE, FF, FF, 85, C0, 75, 03, 21, 45, 0C, 83, 7D, 0C, 00... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

72 KB (73,728 bytes)

The file zlib.dll has been discovered within the following programs.

ASANSAM by ASANGSM

Publisher's description - “AsanSam Box (ASB Box) is a very powerful phone servicing tool for flashing, software repair and unlocking of Samsung mobiles.”

www.asangsm.com

About 2% of users remove it

Galaxy Ace GTS5830i-c-m-9i Toolkit for Windows by Lopicl Dev

www.lopicldev.altervista.com

About 1% of users remove it

Galaxy Nexus ToolKit by skipsoft

www.skipsoft.net

About 7% of users remove it

Package: Galaxy Nexus ToolKit by Mark Skippen

About 8% of users remove it

Package: Galaxy Nexus ToolKit [JellyBean Edition] by skipsoft

About 1% of users remove it

Package: Samsung Galaxy S3 ToolKit by skipsoft

5% remove it

The file zlib.dll has been seen being distributed by the following 19 URLs.

https://doc-0s-3g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/q5eu592lrp11r172rb9bu4fnh547o2hd/1484488800000/01614630224418143310/.../0B4wXymrNcbUheDZqV1cxcjZvMHM?e=download

https://mega.nz/temporary/.../1dQlzaAY

https://mega.nz/temporary/.../akNFhKoY

https://doc-14-1c-docs.googleusercontent.com/docs/securesc/jlsenrb3n27fs0kegm0ciac13fl2m7r5/ju4coe7h8a6du9ojk6872cqtf24sh63o/1474041600000/.../15201027243085237576/0Bwp5-OF6lD4QWFJHX1ZxNG1vR2M?e=download

https://mega.nz/persistent/.../1dQlzaAY

https://mega.nz/persistent/.../0QxDwaTL

https://mega.nz/temporary/.../60JmXJoD

http://download1889.mediafire.com/2opubxt4t5lg/.../zlib.dll

https://mega.nz/temporary/.../G9dnyKxI

https://docviewer.yandex.com.tr/source?id=9yfx-a7ud4x490v7y8lnsjlqlvn8g9uv6wzcyiulqk09ctuvx0ng4fuk74dj4wxatvvp4ysds9rninz9kljatwbphblrjwlf1rpq9jbr&archive-path=//.../zlib.dll&ts=1564d0747f1&token=0lxXtSGQBWgINkepBi504g==&name=Odin307.zip

https://drive.google.com/uc?id=0B3cekuUYZU3IaXdMTlZMdVZHMkU&export=download

https://mega.co.nz/temporary/.../QYx0wZ6Z

https://mega.nz/temporary/.../l8MxiZZC

https://mega.nz/temporary/.../VN5VyYQZ

http://s10700.chomikuj.pl/File.aspx?e=WD9BMww00eCj1WORKBTcuiTcj_gfK1DjJKzw8b_He-xq_VTymfX8e08AMJL7CmTcc_X367DZOa3Je5PJlzAw9k1W3BMb4dZ5tB9dUWNJG7EZcvZP7NMf0_OB69PJ1f9C&pv=2

temp:zlib.dll

https://www.dropbox.com/sh/q29x3tv7l5j6epj/AAA35XhRLvq0ULrP1RZ5_2rWa/.../zlib.dll?dl=1

https://doc-08-7c-docsviewer.googleusercontent.com/viewer/securedownload/agt22gehfnhh89ebcjuc5ghdu4ti0ekh/s6hpf8262dhq3o392hnitlv30vr0rurm/1378737900000/ZXhwbG9yZXI=/.../MEJ3TzJLNl9wZ3EzOWVqRnViVTQzTmtwcmIyYw==?a=dl&filename=Odin307.zip&sec=AHSqidavO9yHaOb9uoKYpf6WYL6BZfW0qPKfIjQrSAJdYhL0vQo87xHw9-eKZpAE94OLgPyoJxTZ&rel=zip;z5;zlib.dll

https://doc-0c-6k-docsviewer.googleusercontent.com/viewer/securedownload/9tpa2mcunhqkb5f8ofbrl77gv54rs949/qg1caepbi4b0hehtoaffjqdf152j1vuv/1391639400000/ZXhwbG9yZXI=/.../MEJ3TzJLNl9wZ3EzOWVqRnViVTQzTmtwcmIyYw==?a=dl&filename=Odin307.zip&sec=AHSqidaRTTuSt6SAvQBEcUIgleOoikPohOjxPls2tRlV6AeWIYLrLWpgMR_qAqbbwMNB3ZIqDpOn&rel=zip;z5;zlib.dll

Scan zlib.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.