home

libcurl.dll

The cURL library

Riyue peer information technology (Beijing) Co., Ltd

libcurl.dll is the cURL library (libcurl) used for transferring data with URL syntax including HTTP. This library is used to plug into C-based applictaions and is recompiled by Riyue peer information technology (Beijing) Co., Ltd. Note, this is a common distributed file and although it has been detected it might not be a threat is un-coupled from its distribution source.
Publisher:
The cURL library, http://curl.haxx.se/  (signed by Riyue peer information technology (Beijing) Co., Ltd)

Product:
The cURL library

Description:
libcurl Shared Library

Version:
7.26.0

MD5:
b23119dd739efb25d4c960c0df93cdd9

SHA-1:
22a2e8bc19e5c4ab689caee9587ebe163a9089df

SHA-256:
54bda37441e5f3b264f1048ad215ec2e3c7728e9427f7ce558bb05f59779cf1d

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/24/2024 7:18:59 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
16.10.14.20

File size:
326.9 KB (334,712 bytes)

Product version:
7.26.0

Copyright:
?1996 - 2012 Daniel Stenberg, <daniel@haxx.se>.

Original file name:
libcurl.dll

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Program Files\ncalendar\libcurl.dll

Digital Signature
Signed by:
Riyue peer information technology (Beijing) Co., Ltd

Authority:
Thawte, Inc.

Valid from:
2/2/2015 8:00:00 AM

Valid to:
4/3/2016 7:59:59 AM

Subject:
CN="Riyue peer information technology (Beijing) Co., Ltd", OU=departmentof commerce, O="Riyue peer information technology (Beijing) Co., Ltd", L=beijing, S=beijing, C=CN

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
6FFBC290FCCD68D68A5AAB6BB6E783D4

File PE Metadata
Compilation timestamp:
4/3/2015 6:07:21 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:hI0MtpeMl7Vn54hjnCTZCl6qVyywTkSOxOfbFfIxvlig9dJoPEHnpxEe6s1TFijq:hIftpeMl7Vn54hjnCTZCl6qAywTkSOxZ

Entry address:
0x336AA

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, B6, 86, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 66, 0F, EF, C0, 51, 53, 8B, C1, 83, E0, 0F, 85, C0, 75, 7F, 8B, C2, 83, E2, 7F, C1, E8, 07, 74, 37, 8D, A4, 24, 00, 00, 00, 00, 66, 0F, 7F, 01, 66, 0F, 7F, 41, 10, 66, 0F, 7F, 41, 20, 66, 0F, 7F, 41, 30, 66, 0F, 7F, 41, 40, 66, 0F, 7F, 41, 50, 66, 0F, 7F, 41, 60, 66, 0F, 7F, 41, 70, 8D, 89, 80, 00, 00, 00, 48, 75, D0, 85, D2, 74, 37, 8B, C2, C1, E8, 04, 74, 0F, EB, 03...
 
[+]

Entropy:
6.6537

Code size:
258.5 KB (264,704 bytes)

Scan libcurl.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.