» AntSend.DLL
Overview
Analysis
File Details
Behaviors (1)

AntSend.DLL

AntSend Module

HANGZHOU AIPU SOFTWARE CO., LTD

It is registered as a context menu handler (displays a menu when right-clicked in Explorer) named “AntSend”.

File name:

AntSend.DLL

Publisher:

HANGZHOU AIPU SOFTWARE CO., LTD (signed and verified)

Product:

AntSend Module

Version:

3.0.0.1

MD5:

b58a5e012ef915fe22d169e237676faa

SHA-1:

f5377bbc0c7185995efa13628b8374ab64a92ed5

SHA-256:

0554a7d438a88c9c54cdebc617c10be2cc5c69c1bc80f2734e0cf7db9d01576b

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/23/2024 10:02:37 AM UTC (today)

File size:

94.8 KB (97,096 bytes)

Product version:

3.0.0.1

Original file name:

AntSend.DLL

File type:

Dynamic link library (Win32 DLL)

Digital Signature

Signed by:

HANGZHOU AIPU SOFTWARE CO., LTD

Authority:

VeriSign, Inc.

Valid from:

7/23/2013 8:00:00 AM

Valid to:

7/24/2015 7:59:59 AM

Subject:

CN="HANGZHOU AIPU SOFTWARE CO., LTD", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="HANGZHOU AIPU SOFTWARE CO., LTD", L=HANGZHOU, S=ZHEJIANG, C=CN

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

1B0AAEF48BDCCBECB8DE73734092B849

Registration

CLSID:

{EF542C74-EE38-49FC-A151-73E7BB37853F}

ProgID:

AntSend.AntShellExt.1

COM registered:

Yes

File PE Metadata

Compilation timestamp:

9/18/2013 9:59:19 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

1536:7SHJ/6d5SVZE3rFJkLn9Jdk0/y/XaOY/tdipVpTdM9n:7I/M5sZG5JkDM4EpTdM9n

Entry address:

0x67F7

Entry point:

8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 0D, 2C, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, B8, 8D, A0, 00, 10, A3, 40, 47, 01, 10, C7, 05, 44, 47, 01, 10, 83, 97, 00, 10, C7, 05, 48, 47, 01, 10, 37, 97, 00, 10, C7, 05, 4C, 47, 01, 10, 70, 97, 00, 10, C7, 05, 50, 47, 01, 10, D9, 96, 00, 10, A3, 54, 47, 01, 10, C7, 05, 58, 47, 01, 10, 05, A0, 00, 10, C7, 05, 5C, 47, 01, 10, F5, 96, 00, 10, C7, 05, 60, 47, 01, 10, 57, 96, 00, 10, C7, 05, 64, 47, 01, 10, E3, 95... 
[+]

Entropy:

6.4369

Code size:

55 KB (56,320 bytes)

Context Menu Handler

Display name:

AntSend

CLSID:

{EF542C74-EE38-49FC-A151-73E7BB37853F}

CLSID name:

AntShellExt Class

Scan AntSend.DLL - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.