bootres backup.dll

Boot Resource Library

sign

The file properties state that the file was developed by 'Microsoft Corporation', but this is not the case: it is designed to look like a legitimate Microsoft system file. The module bootres backup.dll, “Boot Resource Library” by sign, has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat.
Publisher:
Microsoft Corporation  (signed by sign)

Product:
Microsoft® Windows® Operating System

Description:
Boot Resource Library

Version:
10.0.10240.16384 (th1.150709-1700)

MD5:
dd3f04006c988d5b557e1d3a5e3d3127

SHA-1:
f04e03bd176e5130e1a5bb1b6129515732b4f240

SHA-256:
220fe4ba8663b3da39b43ab54ac646d40da9bd40c5229a368eeb1253b05f0260

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/22/2025 11:40:28 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.sign (M)

Engine version:
16.3.9.12

File size:
14.6 KB (14,904 bytes)

Product version:
10.0.10240.16384

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
bootres

File type:
Dynamic link library (Win64 DLL)

Language:
English (United States)

Digital Signature
Signed by:

Authority:
sign Certificate Authority

Valid from:
2/12/2016 8:14:55 PM

Valid to:
2/12/2046 8:14:55 PM

Subject:
CN=sign

Issuer:
CN=sign Certificate Authority

Serial number:
2FC60027C151A92EA308D6D8B31C8776

File PE Metadata
Compilation timestamp:
7/9/2015 10:12:57 PM

OS version:
10.0

OS bitness:
Win64

Subsystem:
Windows Console

Linker version:
12.10

CTPH (ssdeep):
384:0W3UwWXTvZ7sCWx//xFePjFD19xFQ/jmJbZnYPL6K:lWzC//xFAjFD19LQy/i

Entry point:

Entropy:
6.7605
