iswin7.dll

ISWin7

VoLT, 2011

Publisher:
VoLT, 2011

Product:
ISWin7

Version:
0.5

MD5:
7a3bdf6866561ce7d42a666e81278096

SHA-1:
a3b226f75a811164c169653fb19dafa072a5ce43

SHA-256:
0006fb720536a30d50e4c3772fae1912571b5afd61dc2cb55d2595817e7e596e

Scanner detections:
2 / 68

Status:
Clean (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous); the file is probably malware-free.

Analysis date:
11/17/2024 6:25:32 PM UTC

Scan engine | Detection | Engine version
Bkav FE | HW32.CDB | 1.3.0.4923
Trend Micro House Call | TROJ_GEN.F47V1120 | 7.2.19

File size:
37.5 KB (38,400 bytes)

Product version:
0.5

Copyright:
© 2011 VoLT

File type:
Dynamic link library (Win32 DLL)

Language:
Russian (Russia)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\iswin7.dll

File PE Metadata
Compilation timestamp:
3/23/2011 11:46:29 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
768:JTQn+cp7fHP4EDMMDRbNcNzqKZRa2PtmFZK+aYciSjVZ0RQySo6R+zBNriqlt:Clpv4GMMD9WRpPt6ZKT5Z0RQO77l

Entry address:
0x42D2

Entry point:
B8, 44, 71, 01, 10, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 4F, A5, 32, F7, A9, D3, 9A, CC, 04, 7F, 99, CC, 1B, 87, D6, 65, A6, B4, 63, 91, 88, C7, 02, 4D, A2, 41, 1E, 55, CC, 5C, 48, F9, F1, 69, 28, 04, A7, 07, 13, 7E, 9C, 80, D0, 75, 04, F9, BA, FB, 82, 07, C0, B4, 4A, BA, 71, 41, 39, 26, DB, F7, 43, 83, ED, E4, E8, 96, FA, 4B, D1, FA, 20, C7, 78, D0, D0, 00, 0F, 1E, 58, 86, C4, E7, F7, EF, 7A, BC, 18, CB, 9D, 45, C1, 90, 82...

Entropy:
7.7734

Packer / compiler:
PECompact v2

Code size:
48 KB (49,152 bytes)

The file iswin7.dll has been seen being distributed by the following URL.
