libaccess_output_http_plugin.dll

Giner Tech Inc

This is a module (plug-in) to the VLC (LibVLC application) media player framework that is a HTTP Network access module, however, the file is signed and redistributed by a third party that could be part of a potentially unwanted program. CmdShell.exe is a plugin used with VLC media framework and is recompiled by Giner Tech Inc. The module libaccess_output_http_plugin.dll by Giner Tech Inc has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. It is typically installed with the VLC Media Player from VideoLAN. Although a detection has been made for this resource, it is generally a commonly distributed 3rd-party library and is typically safe by itself.
Publisher:
SearchProtect  (signed by Giner Tech Inc)

Product:
SearchProtect

Description:
CmdShell.exe

Version:
4,0,1,2253

MD5:
642738750daf7d963b28897ff9e77455

SHA-1:
12db280554c6e598e49b22a1c2548ae920b24055

SHA-256:
99977210a45c06784190f028c68b9d2a00b59a16abf468c96858933d0a914c30

Scanner detections:
1 / 68

Status:
Adware

Explanation:
This is a plugin used with VLC media framework. While the file itself is not dangerous, it is part of a program that has been detected.

Analysis date:
11/27/2024 4:41:22 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Thinknice (M)
16.11.20.16

File size:
37 KB (37,888 bytes)

Product version:
4,0,1,2253

Copyright:
Copyright (C) 2014

Original file name:
CmdShell.exe

File type:
Dynamic link library (Win32 DLL)

Language:
Chinese

Common path:
C:\Program Files\videolan\vlc\plugins\access_output\libaccess_output_http_plugin.dll

Digital Signature
Signed by:

Authority:
GlobalSign nv-sa

Valid from:
4/19/2015 11:43:22 PM

Valid to:
12/2/2015 2:23:38 AM

Subject:
CN=Giner Tech Inc, O=Giner Tech Inc, L=Wilmington, S=Delaware, C=US

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
112186B135D0152CD8EA8D04B67D2A0CCF34

File PE Metadata
Compilation timestamp:
4/20/2015 6:41:48 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
768:qz+eOeRUqbEfI+vaedhFduIt2mZV7ZFm/s:q6eOebb4I+ZTduE7ZFJ

Entry address:
0x267E

Entry point:
E8, 8E, 03, 00, 00, E9, 4C, FE, FF, FF, 55, 8B, EC, FF, 15, 50, 30, 40, 00, 6A, 01, A3, 9C, 44, 40, 00, E8, 81, 04, 00, 00, FF, 75, 08, E8, 7F, 04, 00, 00, 83, 3D, 9C, 44, 40, 00, 00, 59, 59, 75, 08, 6A, 01, E8, 67, 04, 00, 00, 59, 68, 09, 04, 00, C0, E8, 68, 04, 00, 00, 59, 5D, C3, 55, 8B, EC, 81, EC, 24, 03, 00, 00, 6A, 17, E8, 73, 04, 00, 00, 85, C0, 74, 05, 6A, 02, 59, CD, 29, A3, 80, 42, 40, 00, 89, 0D, 7C, 42, 40, 00, 89, 15, 78, 42, 40, 00, 89, 1D, 74, 42, 40, 00, 89, 35, 70, 42, 40, 00, 89, 3D, 6C...
 
[+]

Code size:
8 KB (8,192 bytes)

Remove libaccess_output_http_plugin.dll - Powered by Reason Core Security