home

ca2.dll

MD5:
fdb18f8ec917d72bbf842874cb78ac2b

SHA-1:
79c519f0ce928c87856d84e2b5e41947cda6d3a8

SHA-256:
de0c84f16d48900f7f95213be18471007c386270a0563bcb24fb41b43d0373ba

Scanner detections:
3 / 68

Status:
Clean  (3 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
11/16/2024 12:26:11 AM UTC  (today)

Scan engine
Detection
Engine version

AVG
Win32/Blacked
2015.0.4489

Emsisoft Anti-Malware
Gen:Variant.Kazy.717227
10.0.0.5366

Norman
Gen:Variant.Kazy.717227
03.02.2016 10:30:35

File size:
149 KB (152,576 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\inetcache\ie\{random}\ca2.dll

File PE Metadata
Compilation timestamp:
11/4/2015 9:57:42 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
3072:iZxIOYr72EhhTf42mNY6Y1ScSlGarivyOCmrQgE/Wt91cpvnjsh:ZOYv2Ehpfn37xarijE/Qvctjsh

Entry address:
0x1EF6F

Entry point:
0F, 8B, 30, 3D, 01, 00, 9C, 60, 9C, C7, 44, 24, 24, BF, F4, D1, AF, E9, CC, F0, FF, FF, AC, F8, 66, 0F, BA, E1, 01, F6, D0, 89, 64, 24, 04, 66, 85, ED, F5, 04, E1, 68, D6, 27, 59, 1F, 85, E6, 68, B4, EA, 13, A1, F6, D8, 9C, E8, C3, 51, 01, 00, 5F, 66, F7, D7, 8B, 7D, 08, E8, 85, FF, FF, FF, 68, FF, CE, 1E, C2, 68, B1, 1D, CA, 47, 8D, 64, 24, 04, E9, 84, FE, 01, 00, 66, C7, 04, 24, DA, B6, C7, 44, 24, 20, 2D, 14, A9, 04, 66, 89, 5C, 24, 04, 8D, 64, 24, 20, E9, 2A, 09, 02, 00, 29, C6, 60, 9C, FF, 74, 24, 08...
 
[+]

Code size:
38 KB (38,912 bytes)

The file ca2.dll has been seen being distributed by the following URL.

http://engenhariatm.com/loader/.../ca2.dll?n16

Scan ca2.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.