home

icudt.dll

International Components for Unicode

Fuyuan Zhou

icudt56.dll is the International Components for Unicode (ICU) library provides portable, Unicode and Globalization support for software applications and is recompiled by Fuyuan Zhou. The library icudt.dll by Fuyuan Zhou has been known to be a potentially unwanted program that has been detected by 1 anti-malware scanner. Note, this is a common distributed file and although it has been detected it might not be a threat is un-coupled from its distribution source.
Publisher:
The ICU Project  (signed by Fuyuan Zhou)

Product:
International Components for Unicode

Description:
ICU Data DLL

Version:
56, 1, 0, 0

MD5:
69c9e9062836b063c4f904d946e9dc07

SHA-1:
94d08439a0eef4a051d6f2696ac011c949e9e0e3

SHA-256:
3c7f46cb52f3fdd06f64f0a0ce21ecfa50b9636553d79289f8a19cedd089a1ff

Scanner detections:
1 / 68

Status:
Inconclusive but possibly unwanted  (It is part of a common redistributable library)

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/23/2024 9:45:22 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Common.PartOf.PUP.FuyuanZh (M)
16.7.12.12

File size:
9.7 MB (10,133,888 bytes)

Product version:
56, 1, 0, 0

Copyright:
Copyright (C) 2015, International Business Machines Corporation and others. All Rights Reserved.

Original file name:
icudt56.dll

File type:
Dynamic link library (Win32 DLL)

Language:
Language Neutral

Common path:
C:\Program Files\chromium\application\icudt.dll

Digital Signature
Signed by:
Fuyuan Zhou

Authority:
thawte, Inc.

Valid from:
7/5/2016 9:00:00 PM

Valid to:
6/21/2017 8:59:59 PM

Subject:
CN=Fuyuan Zhou, OU=Individual Developer, O=No Organization Affiliation, L=Beijing, S=Beijing, C=CN

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
46001FFDEB7F044C0D53B13CFF5C98A6

File PE Metadata
Compilation timestamp:
3/25/2016 4:04:45 PM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
196608:TgUPty2A2iaEMjYsIPsiXUxew+dWhl17Ul2noOg9Wbkxy0MS/FY437T/0rPeS:X122UsiXUxew+dWhl17Ul2noOg9Wbkxe

Entry point:
4D, 5A, 90, 00, 03, 00, 00, 00, 04, 00, 00, 00, FF, FF, 00, 00, B8, 00, 00, 00, 00, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, C0, 00, 00, 00, 0E, 1F, BA, 0E, 00, B4, 09, CD, 21, B8, 01, 4C, CD, 21, 54, 68, 69, 73, 20, 70, 72, 6F, 67, 72, 61, 6D, 20, 63, 61, 6E, 6E, 6F, 74, 20, 62, 65, 20, 72, 75, 6E, 20, 69, 6E, 20, 44, 4F, 53, 20, 6D, 6F, 64, 65, 2E, 0D, 0D, 0A, 24, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Scan icudt.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.