home

DuiLib.dll

Direct UI Support

北京知行锐景科技有限公司

Publisher:
北京知行锐景科技有限公司  (signed and verified)

Product:
Direct UI Support

Version:
2.0.0.6

MD5:
5283ebdce25a3a69f99ef73996551162

SHA-1:
e8f3176c864aa57e135d13e98d2c62571aee2575

SHA-256:
ee1d6247d575047aa9c5cc76b762539a060cd79b68abec513ffd78315c02cbb4

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/23/2024 7:21:04 PM UTC  (today)

Scan engine
Detection
Engine version

Dr.Web
Adware.Chindo.5
9.0.1.0254

File size:
1.1 MB (1,141,952 bytes)

Product version:
2.0.0.6

Copyright:
Copyright (C) 2015

Original file name:
DuiLib.dll

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\appdata\roaming\qtgame\duilib.dll

Digital Signature
Signed by:
北京知行锐景科技有限公司

Authority:
WoSign CA Limited

Valid from:
3/20/2015 1:26:49 PM

Valid to:
3/20/2016 2:26:49 PM

Subject:
CN=北京知行锐景科技有限公司, O=北京知行锐景科技有限公司, L=北京市, S=北京市, C=CN

Issuer:
CN=WoSign Class 3 Code Signing CA G2, O=WoSign CA Limited, C=CN

Serial number:
3A6B9B1F59B7DBD50BEFD1259BB8264E

File PE Metadata
Compilation timestamp:
12/9/2015 2:03:50 PM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
24576:MflPTh7OAgc9dviSkyEgXi7aYPa7U4O7hSXOsLuFTPH:clPThaAtdvg5slITPH

Entry address:
0x5865E

Entry point:
55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, DF, 60, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 0C, 68, 48, 30, 0E, 11, E8, 63, 02, 00, 00, 33, C0, 40, 8B, 75, 0C, 85, F6, 75, 0C, 39, 35, 34, 2A, 10, 11, 0F, 84, E4, 00, 00, 00, 83, 65, FC, 00, 83, FE, 01, 74, 05, 83, FE, 02, 75, 35, 8B, 0D, D0, D1, 0C, 11, 85, C9, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D1, 89, 45, E4, 85, C0, 0F, 84, B1, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 11, FE, FF, FF, 89, 45, E4...
 
[+]

Entropy:
6.6909

Developed / compiled with:
Microsoft Visual C++

Code size:
783.5 KB (802,304 bytes)

Scan DuiLib.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.