home

f_015ee4

RedlineWidget

Microsoft

Publisher:
Microsoft

Product:
RedlineWidget

Version:
2.1.0

MD5:
c9c62c6a1c82f829f4e687cd0bd9cae9

SHA-1:
57c24e7ef8590e3972829a2f1d4b4be1025abff9

SHA-256:
30528b38e3d48d64c01a7b0fd92415262a816eb7fc4d66ddbd2fe458c190fedc

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
1/1/2025 6:52:57 PM UTC  (today)

File size:
77 KB (78,848 bytes)

Product version:
2.1.0

Copyright:
Copyright © Microsoft 2011

Original file name:
RedlineWidget.dll

Common path:
C:\users\{user}\appdata\local\google\chrome\user data\default\cache\f_015ee4

File PE Metadata
Compilation timestamp:
11/3/2014 11:02:22 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
768:o6fXZ03niITt2refGoQIMtjq9tWl+2muuAf50ywBhBm7rbm5lu0a+S7VKId:o6fJonarI68l1WzwVm7rbm5lu7uA

Entry address:
0x14BCE

Entry point:
FF, 25, 00, 20, 00, 10, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 10, 00, 00, 00, 18, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 01, 00, 00, 00, 30, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 48, 00, 00, 00, 58, 60, 01, 00, 7C, 03...
 
[+]

Entropy:
6.1607

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
75 KB (76,800 bytes)

The file f_015ee4 has been seen being distributed by the following URL.

http://eservices.alriyadh.gov.sa:7171/IMap/.../RedlineWidget.dll

Scan f_015ee4 - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.