home

78ee25b4a6f937ab12408e91dd8bb25d.dll

FFmpeg

深圳市为爱普信息技术有限公司

Publisher:
FFmpeg Project  (signed by 深圳市为爱普信息技术有限公司)

Product:
FFmpeg

Description:
FFmpeg image rescaling library

Version:
4.0.100

MD5:
78ee25b4a6f937ab12408e91dd8bb25d

SHA-1:
d2b82a38ea62946038bec3e90c843a60a086cf9d

SHA-256:
3f961ed72c797a43fa77a1f09531049104e6150369afe6c9b59c50722f6e8a6a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 11:00:35 AM UTC  (today)

File size:
550.4 KB (563,584 bytes)

Product version:
3.0

Copyright:
Copyright (C) 2000-2016 FFmpeg Project

Original file name:
swscale-4.dll

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\78ee25b4a6f937ab12408e91dd8bb25d.dll

Digital Signature
Signed by:
深圳市为爱普信息技术有限公司

Authority:
GlobalSign nv-sa

Valid from:
2/26/2016 10:20:32 AM

Valid to:
6/20/2016 11:09:33 AM

Subject:
CN=深圳市为爱普信息技术有限公司, OU=IT Dept., O=深圳市为爱普信息技术有限公司, L=Shenzhen, S=Guangdong, C=CN

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121489EB7D6639A5B0CB949A9C319C024FE

File PE Metadata
Compilation timestamp:
2/29/2016 5:46:40 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
2.21

CTPH (ssdeep):
6144:ynO+Ajngg+cgMGXB2OQFGEINlNsFe8Ali/WQMZWm0TSkkKxCqFE5Zr1XltZT/s7x:ljngbMk4ZFBINlNsFezj0TSkuFvbkEwF

Entry address:
0x1058

Entry point:
55, 89, E5, 57, 56, 53, 83, EC, 2C, 8B, 75, 08, 8B, 5D, 0C, 8B, 7D, 10, 83, FB, 01, 74, 3D, 89, 7C, 24, 08, 89, 5C, 24, 04, 89, 34, 24, E8, F9, 7E, 06, 00, 83, EC, 0C, 85, DB, 75, 19, 8B, 15, 00, 90, 08, 10, 85, D2, 0F, 84, 84, 00, 00, 00, 89, 45, E4, E8, 64, FF, FF, FF, 8B, 45, E4, 8D, 65, F4, 5B, 5E, 5F, C9, C2, 0C, 00, 8D, 76, 00, C7, 04, 24, 80, 00, 00, 00, E8, D8, 85, 06, 00, A3, 00, 90, 08, 10, 85, C0, 74, 63, C7, 00, 00, 00, 00, 00, A3, 04, 90, 08, 10, A1, 40, C1, 07, 10, 85, C0, 74, 14, 89, 7C, 24...
 
[+]

Code size:
476 KB (487,424 bytes)

The file 78ee25b4a6f937ab12408e91dd8bb25d.dll has been seen being distributed by the following URL.

http://d.updater.i4.cn/i4toolupdate6/i4tools/.../78EE25B4A6F937AB12408E91DD8BB25D.dll

Scan 78ee25b4a6f937ab12408e91dd8bb25d.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.