» dirsync.far3.x86.dll
Overview
Analysis
File Details

dirsync.far3.x86.dll

DirSync plugin for FAR Manager 3

Pepak

The module dirsync.far3.x86.dll by Pepak has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.

File name:

Publisher:

Pepak (signed and verified)

Product:

DirSync plugin for FAR Manager 3

Version:

0.97.0.6

MD5:

e4a5aae78860bccd8bebe92cb948a719

SHA-1:

e623c98939025a86b7cedd13522ddb93c77e6963

SHA-256:

4aa6e0d629546095935c5edfe4b37f69c7282cd4e99941b0c21191d87dd55ac6

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

12/26/2024 8:41:39 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Pepak (M)

16.6.27.9

File size:

539.5 KB (552,448 bytes)

Product version:

0.97.0.6

Original file name:

DirSync.dll

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Common path:

C:\Program Files\far manager\plugins\dirsync\dirsync.far3.x86.dll

Digital Signature

Signed by:

Pepak

Authority:

Pepak (root CA)

Valid from:

3/15/2015 6:47:18 PM

Valid to:

3/15/2016 6:47:17 PM

Subject:

CN=Pepak, E=http://www.pepak.net

Issuer:

CN=Pepak (root CA), E=http://www.pepak.net

Serial number:

3CF3EFFEF1E5EDA545564A0532C0A9B8

File PE Metadata

Compilation timestamp:

7/23/2015 11:26:49 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

6144:BAg7sbt/MucL0WE2HAiL9VO2du/iwD52OaP4OYRRdTR3GcXqtcSCdW3U:Bn7sb1MucLlfu/iwD52AOEddmcSUEU

Entry address:

0x75608

Entry point:

55, 8B, EC, 83, C4, C0, B8, BC, FA, 46, 00, E8, 4C, 49, F9, FF, E8, 33, 0D, F9, FF, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

6.5364

Developed / compiled with:

Microsoft Visual C++

Code size:

463 KB (474,112 bytes)

Remove dirsync.far3.x86.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.