home

ccheck.dll

CandleCopyright 동적 연결 라이브러리

Product:
CandleCopyright 동적 연결 라이브러리

Description:
CandleCopyright DLL

Version:
1, 0, 0, 1

MD5:
bcabbb7656f81129f67d5f2a7b1b659c

SHA-1:
d4978adeb556fd35991a7d1080de813b768661ce

SHA-256:
6c727648c07b46b42d920b7ff7c47d88c7573a4d63ac9e08ad8719e95a72ed08

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
1/9/2025 7:49:22 AM UTC  (today)

File size:
48 KB (49,152 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright (C) 2014

Original file name:
CandleCopyright.DLL

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Program Files\gfile\gmf\ccheck.dll

File PE Metadata
Compilation timestamp:
3/21/2016 11:01:57 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
768:u+izx2vB98w/0IxiYhpSYnlO3XneMfy3dPFP8wvSsP:ubzxQB98m0z8SOMfy3dPlFvSs

Entry address:
0x5AB7

Entry point:
55, 8B, EC, 53, 8B, 5D, 08, 56, 8B, 75, 0C, 57, 8B, 7D, 10, 85, F6, 75, 09, 83, 3D, B4, A7, 00, 10, 00, EB, 26, 83, FE, 01, 74, 05, 83, FE, 02, 75, 22, A1, 94, 95, 00, 10, 85, C0, 74, 09, 57, 56, 53, FF, D0, 85, C0, 74, 0C, 57, 56, 53, E8, 15, FF, FF, FF, 85, C0, 75, 04, 33, C0, EB, 4E, 57, 56, 53, E8, 1C, FD, FF, FF, 83, FE, 01, 89, 45, 0C, 75, 0C, 85, C0, 75, 37, 57, 50, 53, E8, F1, FE, FF, FF, 85, F6, 74, 05, 83, FE, 03, 75, 26, 57, 56, 53, E8, E0, FE, FF, FF, 85, C0, 75, 03, 21, 45, 0C, 83, 7D, 0C, 00...
 
[+]

Entropy:
4.5314

Developed / compiled with:
Microsoft Visual C++ 6.0

Code size:
24 KB (24,576 bytes)

The file ccheck.dll has been seen being distributed by the following 4 URLs.

http://patch.pdpop.com/appx/.../CCheck.dll

http://apppatch.file24.co.kr/new/file24(normal)/.../CCheck.dll

http://setup.tple.co.kr/files/application/tple/.../CCheck.dll

http://patch.pdpop.com/appx/.../CCheck.dll

Scan ccheck.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.