» LaoKey8.dll
Overview
Analysis
File Details

LaoKey8.dll

LaoKey8 (LaoScript8)

Tavultesoft Pty Ltd

The library LaoKey8.dll, “Keyboard Mapping Library” has been detected as malware by 4 anti-virus scanners.

File name:

LaoKey8.dll

Publisher:

Lao Script for Windows (signed by Tavultesoft Pty Ltd)

Product:

LaoKey8 (LaoScript8)

Description:

Keyboard Mapping Library

Version:

8, 1, 11, 0

MD5:

3ffca4f18211fc2b53360aa049804344

SHA-1:

0d5b678a89d81ab0b46941966a7613570a0d47e6

SHA-256:

b8c3e08f9911de11a62b0c86f815ce417b1c58eeaedce5ddc1b4baee605b2dc8

Scanner detections:

4 / 68

Status:

Malware

Analysis date:

12/28/2024 6:23:10 PM UTC (today)

Scan engine

Detection

Engine version

ESET NOD32

Win32/Floxif.H virus

6.3.12010.0

F-Prot

W32/Floxif.B

4.6.5.141

F-Secure

Win32.Floxif.A

5.15.154

Microsoft Security Essentials

Trojan:Win32/Floxif.F

1.231.585.0

File size:

134.7 KB (137,949 bytes)

Product version:

8, 1, 11, 0

Original file name:

LaoKey8.dll

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Common path:

C:\Program Files\laoscript8\laokey8.dll

Digital Signature

Signed by:

Tavultesoft Pty Ltd

Authority:

VeriSign, Inc.

Valid from:

10/3/2013 7:00:00 AM

Valid to:

12/3/2014 6:59:59 AM

Subject:

CN=Tavultesoft Pty Ltd, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Tavultesoft Pty Ltd, L=Sandy Bay, S=Tasmania, C=AU

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

13B090A75BC844E2ABF8E7C71A44EE7C

File PE Metadata

Compilation timestamp:

6/7/2014 5:40:54 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

12.0

CTPH (ssdeep):

3072:2ZNSIP4CnuOsQvVqRlkM4OAD/KLznBuB2JA2BjO1dq:2ZJ4EsQvMRlkM4RD/qzMfUa1dq

Entry address:

0x2330

Entry point:

E9, 05, 27, 00, 00, 0C, 83, E8, 00, 74, 72, 48, 0F, 85, 92, 00, 00, 00, 8B, 45, 08, A3, 50, CA, 00, 10, B8, 01, 00, 00, 00, C7, 05, 4C, DE, 00, 10, 00, 00, 00, 00, C7, 05, 48, DE, 00, 10, 00, 00, 00, 00, C7, 05, 50, DE, 00, 10, 00, 00, 00, 00, C7, 05, 3C, DE, 00, 10, 00, 00, 00, 00, C7, 05, 2C, DE, 00, 10, 00, 00, 00, 00, C7, 05, 44, DE, 00, 10, 00, 00, 00, 00, C7, 05, 54, DE, 00, 10, 01, 00, 00, 00, C7, 05, 40, DE, 00, 10, 01, 00, 00, 00, C7, 05, 58, DE, 00, 10, 01, 00, 00, 00, 5D, C2, 0C, 00, A1, 58, CA... 
[+]

Entropy:

7.2483

Packer / compiler:

Xtreme-Protector v1.05

Code size:

19.5 KB (19,968 bytes)

Remove LaoKey8.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.