home

cshell.dll

CShell

Product:
CShell

Description:
CN Client CShell Version

Version:
1, 1, 37, 07

MD5:
660410c9ab78c97db30020bbcbb72c0d

SHA-1:
9ca2e1e3a8cab80e73eb319b197b4fd75ff77eb2

SHA-256:
09d641f49af378b8d3fc66bd7c0899c182d95bf6d3df9868655563b951b1f90f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 2:52:58 AM UTC  (today)

File size:
5.7 MB (5,984,256 bytes)

Product version:
1, 1, 37, 07

Copyright:
Copyright (C) 1997

Original file name:
CShell

File type:
Dynamic link library (Win32 DLL)

Language:
Korean (Korea)

Common path:
C:\users\{user}\downloads\cshell.dll

File PE Metadata
Compilation timestamp:
3/17/2015 10:39:52 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
98304:BAgctTVeno0j0VFArxpcP9GXBtuy+Q/vKsy0UwwcEx0FunLL/By/lm:BAg4Mo/zAtpw92jLvn9y0U5xMuv/z

Entry address:
0x1905000

Entry point:
51, B9, 06, 00, 00, 00, 85, C9, 74, 28, 01, C8, D3, E0, 05, 45, 45, 53, 04, 50, E8, 00, 00, 00, 00, 83, 04, 24, 16, 8B, 04, 24, 83, C0, 09, C7, 80, CA, FF, FF, FF, 00, 00, 00, 00, FF, E0, 49, EB, D4, 59, E9, CE, 00, 00, 00, 55, 89, E5, 81, EC, 1C, 08, 00, 00, 60, C7, 45, FA, 00, 00, 00, 00, C7, 85, E8, FB, FF, FF, 00, 00, 00, 00, 31, DB, 8B, 85, E8, FB, FF, FF, 40, 89, 85, E8, FB, FF, FF, 81, BD, E8, FB, FF, FF, 00, 04, 00, 00, 74, 18, 8B, 85, EC, FB, FF, FF, 8D, 8D, F0, FB, FF, FF, 88, 04, 0B, FF, 85, EC...
 
[+]

Entropy:
7.9322  (probably packed)

Code size:
6.8 MB (7,102,464 bytes)

The file cshell.dll has been seen being distributed by the following URL.

https://www.dropbox.com/s/.../CShell.dll?dl=1&_download_id=6654252823959572753584528492899775872325774714215186421400549466&_notify_domain=www.dropbox.com

Scan cshell.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.