77f286186edc32068bafd93d688470cefd2d3f369f4afbe327651a63218680f6.dll

MD5:
3307eeb2a5965d2b6855c6612149b74f

SHA-1:
eb10785ca7868986e7725b19abc3d5fc727c6cb6

SHA-256:
77f286186edc32068bafd93d688470cefd2d3f369f4afbe327651a63218680f6

Scanner detections:
8 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
1/12/2025 6:43:45 AM UTC

Scan engine
Detection
Engine version

AegisLab AV Signature
Troj.Crypt.Epack!c
2.1.4+

Avira AntiVirus
TR/Crypt.EPACK.Gen2
8.3.3.4

Baidu Antivirus
Win32.Trojan.WisdomEyes.151026.9950
4.0.3.1652

Bkav FE
HW32.Packed
1.3.0.7744

IKARUS anti.virus
Trojan.Crypt
t3scan.2.0.9.0

K7 AntiVirus
Riskware
13.220.19184

Qihoo 360 Security
HEUR/QVM39.1.Malware.Gen
1.0.0.1120

Quick Heal
(Suspicious) - DNAScan
5.16.14.00

File size:
381 KB (390,144 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\downloads\77f286186edc32068bafd93d688470cefd2d3f369f4afbe327651a63218680f6.dll

File PE Metadata
Compilation timestamp:
8/1/2014 10:46:38 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

CTPH (ssdeep):
6144:dnJhm5quuvZk0fhCGV1ZFc1zBKw32tLp6OcA3lL1FgF9L4UDg6R4HLkE9GkcJRqr:1i8k0fh7Fc1zMwEpSAxfgF9U8IIWG+pl

Entry address:
0xB7000

Entry point:
E9, EC, 0F, 00, 00, BE, CC, FE, 3F, 4A, 59, D3, B6, AC, 10, C0, BD, 0E, 33, DD, F5, E3, 7C, C4, 7D, 12, 31, 26, 69, 08, 12, EA, 89, 89, 78, 3D, 8A, A6, 78, EB, 5D, 27, F9, 89, B5, 44, 90, 07, DC, 1D, 66, B6, 84, E6, DF, A3, 94, 11, EC, AB, 8D, A6, 95, 37, 38, 6E, 49, 2D, 33, D2, 35, 17, 95, 47, 80, CD, E9, F3, 0E, 38, 82, 29, 49, 4B, A1, 5C, 66, A3, AA, D5, A8, 79, B9, CD, 5E, B7, 92, C2, 51, 46, FB, 62, D3, 09, E7, 4F, 20, 3C, 66, 11, B9, A1, 02, B3, 28, 63, 5C, 49, 96, DC, 08, A6, 83, 5D, 29, BC, 5D, C8...
 

Entropy:
7.8928

Packer / compiler:
Xtreme-Protector v1.05

Code size:
1.1 GB (1,190,627,194 bytes)

The file 77f286186edc32068bafd93d688470cefd2d3f369f4afbe327651a63218680f6.dll has been seen being distributed by the following URL.