browser_lib.dll

Browser Utility Library

Hefei Hejunzhengce Info Tech Co., Ltd.

The library browser_lib.dll has been detected as malware by 1 anti-virus scanner.
Publisher:
Hefei Hejunzhengce Info Tech Co., Ltd  (signed by Hefei Hejunzhengce Info Tech Co., Ltd.)

Product:
Browser Utility Library

Version:
1.0.0.0

MD5:
21571f10341bc76a429963ad031d7b9e

SHA-1:
425938f82aee644cbf3ec2a792c10460dc8d0331

SHA-256:
922482f7f1c22b23805c90916a38f3633536c6789d855d85d3f164dbba47d9ba

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
11/16/2024 7:32:58 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP (M)

Engine version:
16.9.26.21

File size:
2.8 MB (2,942,448 bytes)

Product version:
46.0.149.10

Copyright:
Hefei Hejunzhengce Info Tech Co., Ltd

Original file name:
Browser Utility Library

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\appdata\local\google\chrome\application\46.10.2479.19\browser_lib.dll

Digital Signature
Authority:
WoSign CA Limited

Valid from:
3/6/2015 3:35:27 PM

Valid to:
12/30/2016 3:35:27 PM

Subject:
CN="Hefei Hejunzhengce Info Tech Co., Ltd.", O="Hefei Hejunzhengce Info Tech Co., Ltd.", L=Hefei, S=Anhui, C=CN

Issuer:
CN=WoSign Class 3 Code Signing CA, O=WoSign CA Limited, C=CN

Serial number:
3312D0B8D4D7941DF85AA59F134E7719

File PE Metadata
Compilation timestamp:
1/26/2016 9:59:34 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:ZlZzHYy4tK59S2QTFmy7LpnJ8wSK7vQFO/:Zlay4vIwJ8wSK7vEO/

Entry address:
0x27EC58

Entry point:
55, 8B, EC, 83, C4, C0, B8, B0, 4E, 67, 00, E8, 74, 07, D9, FF, E8, E7, AB, D8, FF, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
Entropy:
6.6424

Developed / compiled with:
Microsoft Visual C++

Code size:
2.5 MB (2,611,200 bytes)
