home

ca3.dll

MD5:
623c586a5bc4fbb806e1a89580bd082c

SHA-1:
5d53fcb2b31270c44581b3bbf97e074fa17cb27b

SHA-256:
00b19cb9cd1b01bf368c73bfb5ed0638cd76156871514870f52ed358f2a4067d

Scanner detections:
2 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/16/2024 12:17:51 AM UTC  (today)

Scan engine
Detection
Engine version

F-Prot
W32/QHost.C.gen
4.6.5.141

Sophos
Virus 'Mal/VMProtBad-A'
5.22

File size:
92 KB (94,208 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\ca3.dll

File PE Metadata
Compilation timestamp:
1/23/2016 11:18:11 PM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
1536:3o73pm7IcI7rA9ivGasmV6rYDYRivYOoDiIIj9c70KqF3YSkq6HV/D9j0xKi63Sj:3o73pmPwA9ieoV6kDGUdIHA5tvD6LCK+

Entry address:
0x43DAF

Entry point:
E8, 0A, 84, FF, FF, 59, B0, 39, 44, EC, DA, 0F, 7E, 60, BE, F6, 80, EB, A8, 98, F6, F9, 9B, 14, E6, 3E, B2, A5, 4B, EE, 48, 66, 68, 6E, F6, DE, 30, 73, 0C, AE, 72, F3, B1, 52, 34, 72, 83, E1, BF, 4D, 5B, 4C, B5, 69, 1A, 9F, AE, 47, 9D, 59, 48, 63, 31, 2D, 98, 08, 6E, AA, 1A, 3E, 97, 7F, 62, 0E, 2B, 8D, B0, 53, EF, 27, C5, 66, AA, 78, 6D, DB, 30, 4A, 09, E7, 04, 00, 11, 17, 75, C6, E3, FF, 76, AE, C2, 6F, 0C, 15, C5, 86, DE, 22, 1E, D2, 24, 61, 8D, B5, B4, E8, 91, 93, 22, C6, 14, 5A, 7E, 3A, A8, 13, F6, DC...
 
[+]

Code size:
52 KB (53,248 bytes)

The file ca3.dll has been seen being distributed by the following URL.

http://engenhariatm.com/loader/.../ca3.dll

Scan ca3.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.