» dirsync.far2.x86.dll
Overview
Analysis
File Details

dirsync.far2.x86.dll

DirSync plugin for FAR Manager 3

Pepak

The module dirsync.far2.x86.dll by Pepak has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.

File name:

Publisher:

Pepak (signed and verified)

Product:

DirSync plugin for FAR Manager 3

Version:

0.97.0.5

MD5:

b651753933e66f1f1f5061f6e77acb16

SHA-1:

7725f424f48aedc81aa941a2f58bf2343dbb63e6

SHA-256:

7ad90b9bf2772475711da02283b78cb447c7873e92ec100d57b162a96fb9f90e

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

12/26/2024 8:23:17 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Pepak (M)

16.6.27.9

File size:

535.5 KB (548,352 bytes)

Product version:

0.97.0.5

Original file name:

DirSync.dll

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Common path:

C:\Program Files\far manager\plugins\dirsync\dirsync.far2.x86.dll

Digital Signature

Signed by:

Pepak

Authority:

Pepak (root CA)

Valid from:

3/15/2015 6:47:18 PM

Valid to:

3/15/2016 6:47:17 PM

Subject:

CN=Pepak, E=http://www.pepak.net

Issuer:

CN=Pepak (root CA), E=http://www.pepak.net

Serial number:

3CF3EFFEF1E5EDA545564A0532C0A9B8

File PE Metadata

Compilation timestamp:

7/23/2015 11:26:48 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

6144:gAw7sruFi1Jg88lAiL9c0vFO9LNHX15l8qMxXyIQCRrfLrYp6VR:g37sruFi1vW89LNHF4bwlerfLrYpMR

Entry address:

0x745E4

Entry point:

55, 8B, EC, 83, C4, C0, B8, 1C, F0, 46, 00, E8, 70, 59, F9, FF, E8, 57, 1D, F9, FF, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 02, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 32, 13, 00, 00, 00, 19, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, DE, 24, DF, CE, A4, 80, 7D, 44, 8C, 75, EB, 87, 1D, C1, 21, FD, 30, 29, 40, 00, 6C, 29, 40, 00, 98, 29, 40, 00, C0, 29, 40, 00, 00, 2A, 40, 00, 0C, 2A, 40, 00, 14, 2A, 40, 00... 
[+]

Entropy:

6.5437

Developed / compiled with:

Microsoft Visual C++

Code size:

459.5 KB (470,528 bytes)

Remove dirsync.far2.x86.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.