ca2.dll

MD5:
694fe6dc8c5ec6e45f2bc6c0e60123e9

SHA-1:
5dd1303f8999ada9ccba72443af3d45387b1226e

SHA-256:
d1df866c4895462e42f9aec836bb0a11a1e3d3143c5252206d89e6add2ae3cbf

Scanner detections:
3 / 68

Status:
Inconclusive (not enough data for an accurate detection)

Analysis date:
11/16/2024 12:21:32 AM UTC

Scan engine            Detection                           Engine version
AVG                    Win32/Blacked                       2015.0.4489
Emsisoft Anti-Malware  Gen:Trojan.Heur2.CTR.2jG4@aGxKmSei  10.0.0.5366
Norman                 Gen:Trojan.Heur2.CTR.2jG4@aGxKmSei  18.01.2016 17:20:53

File size:
149 KB (152,576 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\inetcache\ie\{random}\ca2.dll

File PE Metadata
Compilation timestamp:
11/5/2015 7:09:30 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
3072:ywBcgXi90EQbwO2Eq1Rub+YRkMfa00JIztX4UP2V48p0nOUvBGLs:ywLy90Ek2q+Ka00JIztX5PP8pfUvoLs

Entry address:
0x33BD6

Entry point:
0F, 86, 5B, E8, FF, FF, 68, 3D, 20, 38, FD, 9C, C7, 44, 24, 04, 3A, 81, 5C, CE, 9C, 9C, 55, 60, C7, 44, 24, 2C, B4, 13, 25, 6C, 9C, 8D, 64, 24, 30, E9, 7C, BB, 00, 00, 1F, AD, 8E, 52, F1, 18, 40, 78, 10, FF, D1, D4, 76, DA, F9, 10, F0, EE, 4D, 7A, 9A, 76, D3, 27, 44, 4C, EB, 9D, BE, A5, C3, 5F, BC, FE, 1D, 6E, 8E, 48, AF, 31, CF, 1B, 29, 10, 52, 07, 65, 89, B8, 3C, 9A, 92, 42, A5, E7, 81, 37, 9F, 26, 35, AA, 86, 12, C7, 65, EC, 92, 94, B5, 96, B4, CD, 71, 66, 81, 95, FB, FD, A2, 48, 8A, 17, 79, 71, 57, 79...
 

Code size:
38 KB (38,912 bytes)

The file ca2.dll has been seen being distributed by the following URL.
