» iw4m.dll
Overview
Analysis
File Details

iw4m.dll

Bas Timmer

File name:

iw4m.dll

Publisher:

Bas Timmer (signed and verified)

MD5:

dd3534bac335b29f759204b941065f6b

SHA-1:

8a41c1820cde30aab9522fa75315d7caf2220e01

SHA-256:

45df1496dcfd8e18e5e653102ab9e69eaff502900caf912198cbccbee5dba71e

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

11/27/2024 4:10:35 AM UTC (today)

Scan engine

Detection

Engine version

Trend Micro House Call

Suspicious_GEN.F47V0801

7.2.278

File size:

1.2 MB (1,260,480 bytes)

File type:

Dynamic link library (Win32 DLL)

Common path:

C:\users\{user}\appdata\local\iw4m\iw4m.dll

Digital Signature

Signed by:

Bas Timmer

Authority:

COMODO CA Limited

Valid from:

1/23/2013 1:00:00 AM

Valid to:

1/24/2014 12:59:59 AM

Subject:

CN=Bas Timmer, O=Bas Timmer, STREET=Virchowstrasse 41, L=Braunschweig, S=Niedersachsen, PostalCode=38118, C=DE

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

769D47DF65D1B4464AB8B485CF9CC106

File PE Metadata

Compilation timestamp:

2/8/2013 11:07:42 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

24576:0S+/6h511E/WfVHbzJOIkfbvRJEApSzigArB6:0vaOWNXJ4fbvRJErpAr

Entry address:

0x8A32C

Entry point:

8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 08, 3D, 01, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 51, 83, 65, FC, 00, 56, 8D, 45, FC, 50, FF, 75, 0C, FF, 75, 08, E8, 76, 3D, 01, 00, 8B, F0, 83, C4, 0C, 85, F6, 75, 18, 39, 45, FC, 74, 13, E8, 64, 00, 00, 00, 85, C0, 74, 0A, E8, 5B, 00, 00, 00, 8B, 4D, FC, 89, 08, 8B, C6, 5E, C9, C3, 3B, 0D, A0, 78, 0F, 10, 75, 02, F3, C3, E9, C3, 3D, 01, 00, 8B, FF, 55, 8B, EC, 8B, 45, 08, 33, C9, 3B, 04, CD, A8... 
[+]

Code size:

671 KB (687,104 bytes)

Scan iw4m.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.