eNotAPI2.dll

eNotAPI2

OOO

The module eNotAPI2.dll by OOO has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Triasoft Inc.  (signed by OOO )

Product:
eNotAPI2

Version:
4.05.0104

MD5:
643178d7a478a43593cf0ba7b576d720

SHA-1:
4c224b4a2bb7dc88e8e6d7f4d581143713d16779

SHA-256:
373b97a6d9aacf5aa44ce354cdfa50800fe9727e850e23578716fc66f3fae735

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
12/24/2024 2:13:04 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
16.12.14.5

File size:
1.6 MB (1,631,072 bytes)

Product version:
4.05.0104

Original file name:
eNotAPI2.dll

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\windows\syswow64\enotapi2.dll

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
3/7/2016 3:00:00 AM

Valid to:
3/8/2019 2:59:59 AM

Subject:
CN="OOO ""TRIASOFT-SERVIS""", O="OOO ""TRIASOFT-SERVIS""", STREET="5, building 23, street 4806, Zelenograd", L=Moscow, S=Moscow, PostalCode=124498, C=RU

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
09C2413E3B0CACE3E855A2C1A5CADBD6

File PE Metadata
Compilation timestamp:
11/9/2016 6:48:21 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

Entry address:
0x8318

Entry point:
5A, 68, 20, C8, 15, 11, 68, 24, C8, 15, 11, 52, E9, E7, FF, FF, FF, 00, 00, 00, 48, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, D6, DB, 3D, 52, 68, 18, E5, 4F, A8, 4B, A2, 3A, 0D, 2E, 30, D2, 00, 00, 00, 00, 00, 00, 01, 00, 0A, 00, 69, 61, 6C, 41, 63, 74, 65, 4E, 6F, 74, 41, 50, 49, 32, 00, 73, 69, 66, 69, 65, 72, 2E, 00, 6D, 6C, 22, 29, 0D, 0A, 20, B0, 00, 00, 00, 90, 00, 00, 00, 00, 00, 00, 00, 02, 00, 00, 00, 4A, 00, 00, 00, B3, 61, 56, 28, CE, 2E, 7B, 4C, B2, 08, 0D, 62, C6, B7, FF, 94...
 
[+]

Developed / compiled with:
Microsoft Visual Basic v6.0

Code size:
1.3 MB (1,400,832 bytes)

Remove eNotAPI2.dll - Powered by Reason Core Security