home

flashcore.dll

Finger Power Technology Co., Ltd.

Publisher:
Finger Power Technology Co., Ltd.  (signed and verified)

MD5:
2f18b1131be8c7325886518cffdb8281

SHA-1:
91a9b446b2264fd0af0e7c551eef3b12b79d42fa

SHA-256:
8f426b162c7d115427c0d23260c358bc524f37f2f690fd35f10b7d2c94a6e3dd

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/5/2024 2:20:22 PM UTC  (today)

File size:
620 KB (634,848 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\flashcore.dll

Digital Signature
Signed by:
Finger Power Technology Co., Ltd.

Authority:
Symantec Corporation

Valid from:
5/31/2016 5:30:00 AM

Valid to:
7/1/2017 5:29:59 AM

Subject:
CN="Finger Power Technology Co., Ltd.", OU=Development, O="Finger Power Technology Co., Ltd.", L=Beijing, S=Beijing, C=CN

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
2EC9B6209E7B6AC9D3A4DB1DC33852F3

File PE Metadata
Compilation timestamp:
7/20/2016 2:28:33 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:ISBHjwJnL8hifR7JSS4wd+rZ57cCi5NisfNlOl3+/kDlqGFEzid:IS1I+Gd4wdiZ5gCkCEklZmzid

Entry address:
0x1E9744

Entry point:
E9, 0B, C4, F6, FF, 00, 00, 3F, 72, 6D, 64, 69, 72, 40, 51, 44, 69, 72, 40, 40, 51, 42, 45, 5F, 4E, 41, 42, 56, 51, 53, 74, 72, 69, 6E, 67, 40, 40, 40, 5A, 00, E9, 8A, 07, F7, FF, 00, 00, 3F, 74, 6F, 53, 74, 72, 69, 6E, 67, 40, 51, 56, 61, 72, 69, 61, 6E, 74, 40, 40, 51, 42, 45, 3F, 41, 56, 51, 53, 74, 72, 69, 6E, 67, 40, 40, 58, 5A, 00, 00, 00, 3F, 61, 62, 73, 6F, 6C, 75, 74, 65, 46, 69, 6C, 65, 50, 61, 74, 68, 40, 51, 44, 69, 72, 40, 40, 51, 42, 45, 3F, 41, 56, 51, 53, 74, 72, 69, 6E, 67, 40, 40, 41, 42...
 
[+]

Entropy:
7.9075

Packer / compiler:
Xtreme-Protector v1.05

Code size:
826.5 KB (846,336 bytes)

The file flashcore.dll has been seen being distributed by the following URL.

http://download.kingoapp.com/kingoroot/.../FlashCore.dll

Scan flashcore.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.