home

btkernel.dll

BTKernel 库

广州市数宇软件有限公司

Publisher:
广州市数宇软件有限公司  (signed and verified)

Product:
BTKernel 库

Version:
1.10.68.0

MD5:
d0053962d9b2f010203145eb700e918d

SHA-1:
aa58f5571bde9779a4a4a5f3b50df98f3024dc47

SHA-256:
58d974aeba53a836f1b23b0b6a2d6ec1fa87c1ada31c7276123ad61a813d368b

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
2/25/2025 8:05:54 PM UTC  (today)

Scan engine
Detection
Engine version

AVG
Generic
2017.0.2574

File size:
431.7 KB (442,016 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright (C) 2011

Original file name:
BTKernel.lib

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\appdata\local\kugamebox\btkernel.dll

Digital Signature
Signed by:
广州市数宇软件有限公司

Authority:
GlobalSign nv-sa

Valid from:
8/18/2014 3:28:41 PM

Valid to:
8/19/2015 3:28:41 PM

Subject:
CN=广州市数宇软件有限公司, OU=广州市数宇软件有限公司, O=广州市数宇软件有限公司, L=guangzhou, S=guangdong, C=CN

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121D9BADD981DADAF2F7C8C7D1F6A24B44D

File PE Metadata
Compilation timestamp:
3/9/2015 5:23:37 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
12288:G9Mq50dPPFycf2K3cn7nwINAOaJpV21+SUfXj5qIQ+oSY:Gqq58P9f2t7wVOurfXYH9

Entry address:
0x1B0A30

Entry point:
80, 7C, 24, 08, 01, 0F, 85, D0, 0B, 00, 00, 60, BE, 00, 80, 14, 10, 8D, BE, 00, 90, EB, FF, 57, 89, E5, 8D, 9C, 24, 80, C1, FF, FF, 31, C0, 50, 39, DC, 75, FB, 46, 46, 53, 68, E0, E9, 1A, 00, 57, 83, C3, 04, 53, 68, 25, 8A, 06, 00, 56, 83, C3, 04, 53, 50, C7, 03, 03, 00, 02, 00, 90, 90, 55, 57, 56, 53, 83, EC, 7C, 8B, 94, 24, 90, 00, 00, 00, C7, 44, 24, 74, 00, 00, 00, 00, C6, 44, 24, 73, 00, 8B, AC, 24, 9C, 00, 00, 00, 8D, 42, 04, 89, 44, 24, 78, B8, 01, 00, 00, 00, 0F, B6, 4A, 02, 89, C3, D3, E3, 89, D9...
 
[+]

Entropy:
7.9933  (probably packed)

Code size:
424 KB (434,176 bytes)

Scan btkernel.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.