home

ca2.dll

MD5:
e9aea8e959da129f721f2294d7128acd

SHA-1:
8806dbca598dd6d985d023b3f2be23134c0d68ff

SHA-256:
cc272ed221742f8e0615edbb9b3a3a12619bcd91c770b9766c8540612252814c

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/16/2024 12:29:51 AM UTC  (today)

Scan engine
Detection
Engine version

AVG
Win32/Blacked
2015.0.4477

File size:
152.5 KB (156,160 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\inetcache\ie\{random}\ca2.dll

File PE Metadata
Compilation timestamp:
11/12/2015 9:06:19 PM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
3072:aQNuv7jENE/5t0RX6LgOKfhf4Pqud7kf4xPxzipIIM71xywzaz3:aW83ENEZ89f4PDkwBx/JHa

Entry address:
0x2DE49

Entry point:
E9, 6E, AB, 00, 00, 80, FA, 86, B9, 04, 01, 00, 00, 80, F9, 41, F9, 60, 28, C0, E9, E8, 60, 00, 00, 01, C7, 68, EB, 76, BB, 6B, 9C, 53, 66, F7, C7, 8E, E6, 0F, B7, 0C, 4F, E8, C3, 01, FF, FF, 29, C0, E9, 6D, F6, 00, 00, 8D, 64, 24, 0C, 0F, 82, 5E, DC, 00, 00, 68, 6A, 31, C5, 59, F6, C5, 15, 66, C7, 04, 24, 23, 35, 80, FA, D8, 3B, 45, F0, 60, E9, F8, B7, FF, FF, 4B, 45, 52, 4E, 45, 4C, 33, 32, 2E, 64, 6C, 6C, 00, E9, 2E, 68, 00, 00, 08, E4, FF, 34, 24, 8D, 64, 24, 08, 0F, 84, 04, 00, 00, 00, F9, 80, FC, 2E...
 
[+]

Packer / compiler:
Xtreme-Protector v1.05

Code size:
39.5 KB (40,448 bytes)

The file ca2.dll has been seen being distributed by the following URL.

http://engenhariatm.com/loader/.../ca2.dll?n24

Scan ca2.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.