home

ext.dll

The library ext.dll has been detected as malware by 4 anti-virus scanners. The file has been seen being downloaded from hitboxer.com.
MD5:
058172c7e81e569f6717f44f0a859ab8

SHA-1:
3694ac0a91c1d77ef7ee63eea250b3ac5a2d9003

SHA-256:
ede9bfef539dcbc50b196ceedeb1553313f49919d35f2dda33aacc76b9c6f95e

Scanner detections:
4 / 68

Status:
Malware

Analysis date:
11/6/2024 1:56:31 AM UTC  (today)

Scan engine
Detection
Engine version

avast!
JS:Febiturk-C [Trj]
2014.9-160526

Dr.Web
Trojan.Guncelle.3
9.0.1.0147

F-Secure
Trojan:JS/Kilim.M
11.2016-26-05_5

Kaspersky
HEUR:Trojan.Script.Generic
14.0.0.152

File size:
2.6 KB (2,638 bytes)

File type:
Dynamic link library (Win64 DLL)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\ext.dll

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
24:C8/lZOsziuVv4D4DbkKxF/vIFE1LgcshGpKqjnWOGQO9M9fs96zCTnv:X7hiovxDnmJ2j429KGCrv

Entry point:
09, 63, 68, 72, 6F, 6D, 65, 2E, 77, 65, 62, 52, 65, 71, 75, 65, 73, 74, 2E, 6F, 6E, 42, 65, 66, 6F, 72, 65, 52, 65, 71, 75, 65, 73, 74, 2E, 61, 64, 64, 4C, 69, 73, 74, 65, 6E, 65, 72, 28, 0D, 0A, 20, 20, 20, 20, 20, 20, 20, 20, 66, 75, 6E, 63, 74, 69, 6F, 6E, 20, 28, 64, 65, 74, 61, 69, 6C, 73, 29, 20, 7B, 0D, 0A, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 76, 61, 72, 20, 75, 72, 6C, 20, 3D, 20, 64, 65, 74, 61, 69, 6C, 73, 2E, 75, 72, 6C, 3B, 0D, 0A, 20, 20, 20, 20, 20, 20, 20, 20, 20...
 
[+]

The file ext.dll has been seen being distributed by the following URL.

http://hitboxer.com/.../ext.dll

Remove ext.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.