home

findprocdll.dll

超霸传奇

Mianyang FiveThreeNineThree Technology Co.,Ltd

Publisher:
Mianyang FiveThreeNineThree Technology Co.,Ltd  (signed and verified)

Product:
超霸传奇

Version:
2.0.0.0

MD5:
ea3345225e02fcf80a893c10013bf4f0

SHA-1:
7b72e5745b73cd1736f90a521a3cee453be00ef4

SHA-256:
e48429b76b90e0b3c0377900a43c3d94b285aa263eef49c60ed01d91a10335d6

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 7:23:48 AM UTC  (today)

File size:
65.7 KB (67,248 bytes)

Product version:
2.0.0.0

Copyright:
Copyright (C) 2016

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\findprocdll.dll

Digital Signature
Signed by:
Mianyang FiveThreeNineThree Technology Co.,Ltd

Authority:
WoSign CA Limited

Valid from:
7/3/2015 5:01:33 PM

Valid to:
12/30/2016 12:00:00 AM

Subject:
CN="Mianyang FiveThreeNineThree Technology Co.,Ltd", O="Mianyang FiveThreeNineThree Technology Co.,Ltd", L=Mianyang, S=Sichuan, C=CN

Issuer:
CN=WoSign Class 3 Code Signing CA, O=WoSign CA Limited, C=CN

Serial number:
646AB2B9C0F4AB8C19863F1D0B0DA38E

File PE Metadata
Compilation timestamp:
4/7/2016 11:03:10 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
10.0

CTPH (ssdeep):
768:XzNsq9ZXQVqeJdqBr89w2Kq9RYn8g9bHTTt9LYcohlkkPn28ED/exv7ybNoFSNoh:JDZgVzJdqVmV7Y79bzTAcAlkg/sFM

Entry address:
0x1C89

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 16, 31, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 2D, A4, 03, 00, 00, 74, 22, 83, E8, 04, 74, 17, 83, E8, 0D, 74, 0C, 48, 74, 03, 33, C0, C3, B8, 04, 04, 00, 00, C3, B8, 12, 04, 00, 00, C3, B8, 04, 08, 00, 00, C3, B8, 11, 04, 00, 00, C3, 8B, FF, 56, 57, 8B, F0, 68, 01, 01, 00, 00, 33, FF, 8D, 46, 1C, 57, 50, E8, 5E, 31, 00, 00, 33, C0, 0F, B7, C8, 8B, C1, 89, 7E, 04, 89, 7E, 08, 89, 7E, 0C, C1, E1, 10, 0B, C1, 8D, 7E...
 
[+]

Entropy:
6.6390

Code size:
29.5 KB (30,208 bytes)

Scan findprocdll.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.