home

libeay32.dll

The OpenSSL Toolkit

Taiwan Shui Mu Chih Ching Technology Limited

The file libeay32.dll, “OpenSSL Shared Library” by Taiwan Shui Mu Chih Ching Technology Limited has been detected as adware by 4 anti-malware scanners. This file is typically installed with the program Picexa by Taiwan Shui Mu Chih Ching Technology Limited.. It is also typically executed from the user's temporary directory.
Publisher:
The OpenSSL Project, http://www.openssl.org/  (signed by Taiwan Shui Mu Chih Ching Technology Limited)

Product:
The OpenSSL Toolkit

Description:
OpenSSL Shared Library

Version:
1.0.0e

MD5:
4d9dd421c2b4ec035af5003bc3a33fa4

SHA-1:
3d19dffb5c561c3acd77162a78fe18425530d76d

SHA-256:
846a8a7ed6d0a2294907e6bd72b5880fa44dd92320398a5e26ad30a542ce6549

Scanner detections:
4 / 68

Status:
Adware

Analysis date:
11/27/2024 1:33:00 AM UTC  (today)

Scan engine
Detection
Engine version

AVG
Generic
2016.0.3098

Bkav FE
W32.HfsAdware
1.3.0.6379

Dr.Web
Adware.Mutabaha.229
9.0.1.05190

Reason Heuristics
PUP.Thinknice
15.3.26.12

File size:
1.1 MB (1,102,008 bytes)

Product version:
1.0.0e

Copyright:
Copyright ?1998-2005 The OpenSSL Project. Copyright ?1995-1998 Eric A. Young, Tim J. Hudson. All rights reserved.

Original file name:
libeay32.dll

Common path:
C:\users\{user}\appdata\local\temp\_@68fd.tmp

Digital Signature
Signed by:
Taiwan Shui Mu Chih Ching Technology Limited

Authority:
GlobalSign nv-sa

Valid from:
3/4/2015 11:26:37 AM

Valid to:
3/4/2016 11:26:37 AM

Subject:
CN=Taiwan Shui Mu Chih Ching Technology Limited, O=Taiwan Shui Mu Chih Ching Technology Limited, L=Taipei City, S=Taiwan, C=TW

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121003857AB2AD439A7293EF2F1A8B3DCB6

File PE Metadata
Compilation timestamp:
8/22/2014 7:16:11 AM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
11.0

CTPH (ssdeep):
24576:Dg0HkMAapZ/Pg7TL+15YMn5b2zukBUpPNyJWPHHHJRh8a6b8:7kMzpO615znosFyJWPHJRmac8

Entry address:
0x9EFC0

Entry point:
55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, A9, 03, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 10, 68, C8, 3A, 0E, 10, E8, 81, 04, 00, 00, 33, C0, 40, 8B, F0, 89, 75, E4, 33, DB, 89, 5D, FC, 8B, 7D, 0C, 89, 3D, E0, 3A, 10, 10, 89, 45, FC, 85, FF, 75, 0C, 39, 3D, D8, 61, 10, 10, 0F, 84, D4, 00, 00, 00, 3B, F8, 74, 05, 83, FF, 02, 75, 38, A1, E0, 39, 0E, 10, 85, C0, 74, 0E, FF, 75, 10, 57, FF, 75, 08, FF, D0, 8B, F0, 89, 75, E4, 85, F6, 0F, 84, B1, 00, 00, 00...
 
[+]

Entropy:
6.7569

Developed / compiled with:
Microsoft Visual C++

Code size:
702 KB (718,848 bytes)

The file libeay32.dll has been discovered within the following program.

Picexa  by Taiwan Shui Mu Chih Ching Technology Limited.
About 2% of users remove it
 
Powered by Should I Remove It?

Remove libeay32.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.