home

crashrpt1402.dll

CrashRpt

上海金汇信息系统有限公司

Publisher:
上海金汇信息系统有限公司  (signed and verified)

Product:
CrashRpt

Description:
Crash Handling Module

Version:
1.4.0.2

MD5:
6f9fae87a706b2a96a6639c6b6546a0a

SHA-1:
cf20c6f69591ed6f471b9d6973bae45fdc6897a1

SHA-256:
e3ad1f38701be0f09bfa084454f862ed634e9ee87d4c7bfb15a0205bd6aa040c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 6:22:38 AM UTC  (today)

File size:
153.2 KB (156,832 bytes)

Product version:
1.4.0.2

Copyright:
Copyright 2003-2013 The CrashRpt Project Authors

Original file name:
CrashRpt.dll

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Program Files\up量化安全炒股卫士\crashrpt1402.dll

Digital Signature
Signed by:
上海金汇信息系统有限公司

Authority:
VeriSign, Inc.

Valid from:
8/22/2014 8:00:00 AM

Valid to:
8/22/2016 7:59:59 AM

Subject:
CN=上海金汇信息系统有限公司, OU=产品运维部, O=上海金汇信息系统有限公司, L=上海, S=上海, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
335DC28459F10A6F562BB6F926F4746D

File PE Metadata
Compilation timestamp:
3/20/2014 10:10:59 AM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
3072:dNaV1mX1WK5Ca1vjVMN17nUU/l13/l0Oiw0Xqr8pbGfA:d01mX1WK0a1vJMNJHP/IppbsA

Entry address:
0x1CF89

Entry point:
55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 4A, 03, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 10, 68, 60, 27, 02, 10, E8, 48, 01, 00, 00, 33, C0, 40, 8B, F0, 89, 75, E4, 33, DB, 89, 5D, FC, 8B, 7D, 0C, 89, 3D, 60, 41, 02, 10, 89, 45, FC, 85, FF, 75, 0C, 39, 3D, 40, 45, 02, 10, 0F, 84, D4, 00, 00, 00, 3B, F8, 74, 05, 83, FF, 02, 75, 38, A1, C8, 09, 02, 10, 85, C0, 74, 0E, FF, 75, 10, 57, FF, 75, 08, FF, D0, 8B, F0, 89, 75, E4, 85, F6, 0F, 84, B1, 00, 00, 00...
 
[+]

Entropy:
5.9885

Developed / compiled with:
Microsoft Visual C++

Code size:
118.5 KB (121,344 bytes)

The file crashrpt1402.dll has been seen being distributed by the following URL.

http://d.0135135.com/cattle/update/.../CrashRpt1402.dll

Scan crashrpt1402.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.