anote.dll

Muticolor Note

北京鸿达万方科技有限公司

The module anote.dll, “Muticolor Note Module” by 北京鸿达万方科技有限公司, has been detected as a potentially unwanted program by 8 anti-malware scanners.
Publisher:
Beijing Hongda wanfang technology Co.,Ltd.  (signed by 北京鸿达万方科技有限公司)

Product:
Muticolor Note

Description:
Muticolor Note Module

Version:
0, 0, 0, 16

MD5:
fd06dcbc50ca30271eb01baf45c947fc

SHA-1:
33002c288b803e5603f4aa5629b175ffb63d0356

SHA-256:
40f097222763967f429a852e4cb9a0d4379abd04d374a958b56c02c05283a03d

Scanner detections:
8 / 68

Status:
Potentially unwanted

Analysis date:
1/13/2025 4:20:23 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Avira AntiVirus | TR/HoWafang.127256 | 8.3.1.6 |
| AVG | Generic | 2017.0.2671 |
| Baidu Antivirus | PUA.Win32.HongdaWanfang | 4.0.3.16725 |
| ESET NOD32 | Win32/HongdaWanfang.A potentially unwanted (variant) | 10.11942 |
| IKARUS anti.virus | PUA.HongdaWanfang | t3scan.1.9.5.0 |
| K7 AntiVirus | Adware | 13.206.16567 |
| Malwarebytes | PUP.Optional.HongdaWanfang | v2016.07.25.03 |
| VIPRE Antivirus | Trojan.Win32.Generic | 42020 |

File size:
133.9 KB (137,064 bytes)

Product version:
1.0

Copyright:
Copyright (C) 2014 Beijing Hongda wanfang technology Co.,Ltd.

Original file name:
Anote

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Program Files\anote\anote.dll

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
5/28/2015 8:00:00 AM

Valid to:
6/27/2016 7:59:59 AM

Subject:
CN=北京鸿达万方科技有限公司, O=北京鸿达万方科技有限公司, L=北京市, S=北京市, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
2FC9B15A59C9EF86432B0736CB16596A

File PE Metadata
Compilation timestamp:
5/29/2015 11:45:01 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
1536:EHG9cDmzGA3hsFnE8dAA3QmKEgS3kKmDvZ68AiTpGq/3oVIpJWDSK9fF5zdysbmU:EHyiotIK63cGqvoKIDdLqdJr+l22C8VF

Entry address:
0xE55A

Entry point:
6A, 0C, 68, 98, 80, 01, 10, E8, BA, 02, 00, 00, 33, C0, 40, 89, 45, E4, 8B, 75, 0C, 33, FF, 3B, F7, 75, 0C, 39, 3D, 8C, C1, 01, 10, 0F, 84, B3, 00, 00, 00, 89, 7D, FC, 3B, F0, 74, 05, 83, FE, 02, 75, 31, A1, 5C, DA, 01, 10, 3B, C7, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D0, 89, 45, E4, 39, 7D, E4, 0F, 84, 85, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 22, FE, FF, FF, 89, 45, E4, 3B, C7, 74, 72, 8B, 5D, 10, 53, 56, FF, 75, 08, E8, 55, 67, FF, FF, 89, 45, E4, 83, FE, 01, 75, 0E, 3B, C7, 75, 0A, 53, 57, FF...

Entropy:
6.2546

Developed / compiled with:
Microsoft Visual C++ v7.1

Code size:
88 KB (90,112 bytes)
