home

elgin.dll

Version:
1.0.0.13

MD5:
d8e31a8378a9e5e3be85a808db7c8a65

SHA-1:
496b46fab953a7eb69a2836aebe453cb1b1fad4f

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/27/2024 11:34:42 AM UTC  (today)

Scan engine
Detection
Engine version

Trend Micro House Call
TROJ_GEN.F47V1101
7.2.276

File size:
747.5 KB (765,440 bytes)

Product version:
1.0.0.0

File type:
Dynamic link library (Win32 DLL)

Language:
Brazilian Portuguese

Common path:
C:\Windows\System32\elgin.dll

File PE Metadata
Compilation timestamp:
6/19/1992 7:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:4p5Yt1kPrlMoCZ9h8CYkSyphi0gvziwAn/bpN8kU5p:4TKwrlOd79iriw0zbm

Entry address:
0xA3598

Entry point:
55, 8B, EC, B9, 1D, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, 53, 56, 57, B8, 98, 33, 4A, 00, E8, 90, 35, F6, FF, 33, C0, 55, 68, A5, 43, 4A, 00, 64, FF, 30, 64, 89, 20, A1, 90, 64, 4A, 00, C6, 00, 00, A1, EC, 60, 4A, 00, C6, 00, 00, A1, E4, 62, 4A, 00, 33, D2, 89, 10, A1, BC, 61, 4A, 00, 33, D2, 89, 10, A1, DC, 60, 4A, 00, E8, CA, 14, F6, FF, A1, 28, 66, 4A, 00, C6, 00, 00, A1, D0, 61, 4A, 00, E8, B8, 14, F6, FF, 8D, 45, C0, E8, B4, 1A, FD, FF, 8B, 4D, C0, B2, 01, A1, C4, C1, 41, 00, E8, 5D, 8C, F7, FF, 8B...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
654 KB (669,696 bytes)

The file elgin.dll has been seen being distributed by the following 2 URLs.

ftp://ftp.3lminformatica.net/usuarios/Aurelio/Impressoras Fiscais/.../elgin.dll

https://doc-0s-30-docs.googleusercontent.com/docs/securesc/i07doejd5kub135hipok0aflm1li376a/6aacv7vkdab6ntnln9p9ungd41q0rcfc/1423483200000/01138312996294350750/.../0B9fgVZVRR-FCQnZNaE5vQmt3SGM?h=07947423871345534562&e=download

Scan elgin.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.