interop.AliExtension.DLL

Hewlett-Packard Company

The file interop.AliExtension.DLL, re-signed by Hewlett-Packard Company, is an Interop assembly that has been intergated by a 3rd-party into a .Net application. The file has been seen being downloaded from almalmqc1250saastrial.saas.hpe.com and multiple other hosts.
Publisher:
Hewlett-Packard Company  (signed and verified)

Version:
2.9.0.0

MD5:
680d2327b318d45eaa7af135171d7513

SHA-1:
f17ed26d04ee058195f8e8d1ec0ac54dddf6e583

SHA-256:
7431da075069fbbfaffebcaee361050eef7caa8deac9ac26159544f53e159608

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 2:43:22 AM UTC  (today)

File size:
65.8 KB (67,336 bytes)

Original file name:
interop.AliExtension.DLL

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\inetcache\ie\{random}\interop.aliextension.dll

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
6/24/2014 6:00:00 PM

Valid to:
7/24/2016 5:59:59 PM

Subject:
CN=Hewlett-Packard Company, O=Hewlett-Packard Company, L=Palo Alto, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
56A30E9A6EAB4489884F10D9BEF2DF24

File PE Metadata
Compilation timestamp:
7/29/2015 12:52:33 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
1536:yzcV4WaQE7ylllllldlllllFwGBlb94Vt20osH/gsdLmsoOC:p0GB19m9LvoOC

Entry address:
0x1056E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.1766

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
57.5 KB (58,880 bytes)

The file interop.AliExtension.DLL has been seen being distributed by the following 2 URLs.

http://108.28.70.64:8080/qcbin/Install/Extensions/.../interop.AliExtension.DLL?CV=CV--1441494650