» __5ee36a766c464860a1b26ad3b01a580b.dll
Overview
Analysis
File Details

__5ee36a766c464860a1b26ad3b01a580b.dll

The module __5ee36a766c464860a1b26ad3b01a580b.dll has been detected as a potentially unwanted program by 15 anti-malware scanners.

File name:

MD5:

e8e105170ad03694d477ac1dd5616bcd

SHA-1:

9408c3327cdc15c140d613a59a1fc87ec4cc2b64

SHA-256:

d75ba786599be70d1334a0ce84e01d159c93185505b339bc8a650bd16a19c630

Scanner detections:

15 / 68

Status:

Potentially unwanted

Analysis date:

5/5/2024 8:30:50 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.GenericKD.2248287

-40

Agnitum Outpost

Riskware.Agent

7.1.1

Baidu Antivirus

PUA.Win32.AdGazelle

4.0.3.17315

Bitdefender

Trojan.GenericKD.2248287

1.0.20.370

Emsisoft Anti-Malware

Trojan.GenericKD.2248287

8.17.03.15.01

ESET NOD32

Win32/AdGazelle.E potentially unwanted (variant)

11.11409

Fortinet FortiGate

W32/AdGazelle.E

3/15/2017

F-Secure

Trojan.GenericKD.2248287

11.2017-15-03_4

G Data

Trojan.GenericKD.2248287

17.3.25

MicroWorld eScan

Trojan.GenericKD.2248287

18.0.0.222

NANO AntiVirus

Trojan.Win32.AdGazelle.dppatr

0.30.8.659

nProtect

Trojan.GenericKD.2248287

15.04.01.01

Sophos

AdGazelle

4.98

Trend Micro House Call

TROJ_GEN.R047B01CV15

7.2.74

VIPRE Antivirus

Trojan.Win32.Generic

38958

File size:

628.5 KB (643,584 bytes)

File type:

Dynamic link library (Win32 DLL)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\__5ee36a766c464860a1b26ad3b01a580b.dll

File PE Metadata

Compilation timestamp:

3/24/2015 2:26:39 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

Entry address:

0x5302D

Entry point:

8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, B9, D3, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, FF, 35, 00, 6E, 09, 10, FF, 15, 88, 41, 07, 10, 85, C0, 74, 02, FF, D0, 6A, 19, E8, 2F, 59, 00, 00, 6A, 01, 6A, 00, E8, 8F, 48, 00, 00, 83, C4, 0C, E9, 54, 48, 00, 00, CC, CC, CC, CC, CC, CC, 8B, 4C, 24, 04, F7, C1, 03, 00, 00, 00, 74, 24, 8A, 01, 83, C1, 01, 84, C0, 74, 4E, F7, C1, 03, 00, 00, 00, 75, EF, 05, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8D, A4, 24, 00... 
[+]

Entropy:

6.6352

Code size:

459 KB (470,016 bytes)

Remove __5ee36a766c464860a1b26ad3b01a580b.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.