» backup-20070606-152603-803.dll
Overview
Analysis
File Details

backup-20070606-152603-803.dll

FlashAX Module

Microgaming Software Systems Limited

The module backup-20070606-152603-803.dll by Microgaming Software Systems Limited has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.

File name:

Publisher:

Microgaming Systems (signed by Microgaming Software Systems Limited)

Product:

FlashAX Module

Version:

1, 0, 1, 2

MD5:

4125268a05f4f67dea415308a15a3faa

SHA-1:

a3a526653032aa95bbb742b78c8c07c7c5f009be

SHA-256:

892af3305f757fc4f090b920460470c1f012310e0770f5411311b713e7ec5d9b

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

11/15/2024 8:53:37 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.MicroGaming.Installer (M)

16.8.1.19

File size:

102.2 KB (104,656 bytes)

Product version:

1, 0, 1, 2

Original file name:

FlashAX.DLL

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Digital Signature

Signed by:

Microgaming Software Systems Limited

Authority:

VeriSign, Inc.

Valid from:

1/12/2005 6:00:00 PM

Valid to:

3/3/2006 5:59:59 PM

Subject:

CN=Microgaming Software Systems Limited, OU=ActiveX, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Microgaming Software Systems Limited, L=Isle of Man, S=Isle of Man, C=GB

Issuer:

CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

5BA1FFFCF1C799F44E34E3964C34AD01

File PE Metadata

Compilation timestamp:

10/17/2005 1:07:02 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

3072:TIgCPowiKqKKq6qmQeknyYEWrOvPvGZHl7kcONeUqf9+T8rV0TpM5uto4Hrd6:TSgg5u6

Entry address:

0xF6F8

Entry point:

FF, 74, 24, 0C, FF, 74, 24, 0C, FF, 74, 24, 0C, E8, 8A, 1C, FF, FF, C2, 0C, 00, FF, 15, E8, 10, 01, 10, 33, C0, C3, A1, 28, 3C, 01, 10, 56, 85, C0, 75, 13, FF, 74, 24, 08, 50, FF, 35, C8, 3B, 01, 10, FF, 15, 28, 11, 01, 10, 5E, C3, 8B, 0D, 2C, 3C, 01, 10, 8B, 15, 24, 3C, 01, 10, FF, 05, 2C, 3C, 01, 10, 23, D1, 8B, 34, 90, 8B, 44, 24, 08, 83, C0, 08, 50, 6A, 00, 56, FF, 15, 28, 11, 01, 10, 85, C0, 74, 07, 89, 30, 83, C0, 08, 5E, C3, 33, C0, 5E, C3, 8B, 44, 24, 04, 33, C9, 3B, C1, 75, 0B, FF, 74, 24, 08, E8... 
[+]

Entropy:

6.0167

Code size:

64 KB (65,536 bytes)

Remove backup-20070606-152603-803.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.