cdn_ciper.dll

The library cdn_ciper.dll has been detected as malware by 5 anti-virus scanners. The file has been observed being downloaded from hermessync.cdnetworks.net.
MD5:
be932e0e9678b9eac77233b374e7ef0a

SHA-1:
48dabf3fd78ca26d292febcdc39b33b29c9c376b

SHA-256:
aa75268812d02febfd1bf0dcda6a1eb73f583344c26eb8168fd3c018759ca518

Scanner detections:
5 / 68

Status:
Malware

Analysis date:
11/23/2024 5:58:57 AM UTC

Scan engine | Detection | Engine version
AVG | Agent3 | 2015.0.3496
IKARUS anti.virus | Trojan.Win32.Webprefix | t3scan.1.6.1.0
Norman | Agent.VBTT | 11.20140423
Trend Micro House Call | TROJ_GEN.F47V0130 | 7.2.113
VIPRE Antivirus | Trojan.Win32.Generic | 28482

File size:
56 KB (57,344 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\cdn_ciper.dll

File PE Metadata
Compilation timestamp:
8/22/2007 2:02:03 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
768:YjZcH+cnQdW0VR26lRdLaMHSCgMSBxaho9S4Abw9S8aTDQl:Acecn70G6lRdLvS6e9S4A09UD

Entry address:
0x33CF

Entry point:
6A, 0C, 68, 10, A3, 00, 10, E8, B9, 02, 00, 00, 33, C0, 40, 89, 45, E4, 8B, 75, 0C, 33, FF, 3B, F7, 75, 0C, 39, 3D, 20, C9, 00, 10, 0F, 84, B3, 00, 00, 00, 89, 7D, FC, 3B, F0, 74, 05, 83, FE, 02, 75, 31, A1, 5C, D1, 00, 10, 3B, C7, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D0, 89, 45, E4, 39, 7D, E4, 0F, 84, 85, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 22, FE, FF, FF, 89, 45, E4, 3B, C7, 74, 72, 8B, 5D, 10, 53, 56, FF, 75, 08, E8, C0, DB, FF, FF, 89, 45, E4, 83, FE, 01, 75, 0E, 3B, C7, 75, 0A, 53, 57, FF...
 

Entropy:
6.1072

Developed / compiled with:
Microsoft Visual C++ v7.1

Code size:
28 KB (28,672 bytes)

The file cdn_ciper.dll has been seen being distributed by the following URL.
