» gmsomplak.dll
Overview
Analysis
File Details
Downloads (2)

gmsomplak.dll

File name:

gmsomplak.dll

MD5:

9816c4d0354c2c7e95b3e4dfba6838ff

SHA-1:

1b6e0b4724d1cec514933b11bbd1b7bac28fe92a

SHA-256:

e2d18292eb32883ee488c160b495b0d87504e40b186d7e18161700b8fe6627fa

Scanner detections:

1 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

11/5/2024 8:02:29 PM UTC (today)

Scan engine

Detection

Engine version

ESET NOD32

Win32/GameHack.YW potentially unsafe application

8.0.319.0

File size:

346 KB (354,304 bytes)

File type:

Dynamic link library (Win32 DLL)

Common path:

C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\gmsomplak.dll

File PE Metadata

Compilation timestamp:

6/26/2016 6:37:43 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

6144:vgM4+/Hi0aaOwUYw/ZyjnqLP/5QeeaQeesQeesQeeK2QeehQeeh4UYVgq3WdeNk6:a+K1ZwUYKZyjO9UDdeNrnLV

Entry address:

0x666B

Entry point:

8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 6B, 03, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, CC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 40, 1E, 05, 10, 89, 0D, 3C, 1E, 05, 10, 89, 15, 38, 1E, 05, 10, 89, 1D, 34, 1E, 05, 10, 89, 35, 30, 1E, 05, 10, 89, 3D, 2C, 1E, 05, 10, 66, 8C, 15, 58, 1E, 05, 10, 66, 8C, 0D, 4C, 1E, 05, 10, 66, 8C, 1D, 28, 1E, 05, 10, 66, 8C, 05, 24, 1E, 05, 10, 66, 8C, 25, 20, 1E, 05, 10, 66, 8C, 2D, 1C, 1E, 05, 10, 9C, 8F, 05, 50, 1E... 
[+]

Entropy:

6.2860

Code size:

212 KB (217,088 bytes)

The file gmsomplak.dll has been seen being distributed by the following 2 URLs.

https://doc-08-2k-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/la240erccvgg40q41nm457at4574kl6n/1467115200000/06272436172787362952/.../0B62nTl8S8J-PWkw1UnprbTZLc1E?e=download

https://doc-08-2k-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/u8aa6gndsq1vknig9245dckgnsn5p0d9/1466906400000/06272436172787362952/.../0B62nTl8S8J-PWkw1UnprbTZLc1E?e=download

Scan gmsomplak.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.