home

localserver.dll

p2p server

Beijing Yun Shi Tian Chuang Network Technology Co., Ltd.

Publisher:
Beijing Yun Shi Tian Chuang Network Technology Co., Ltd.  (signed and verified)

Product:
p2p server

Version:
2012, 8, 29, 0

MD5:
8b48239fd21f08158c54829b1273473c

SHA-1:
25ed50136b9c05ba427603bb9f533a8ec080c350

SHA-256:
d4d9d9c8a3d43521c6815d39afd8479d5655ceb8bea9346c30c7e9d0d11ed9b8

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/6/2024 2:06:56 AM UTC  (today)

Scan engine
Detection
Engine version

AegisLab AV Signature
Troj.W32.Gen
2.1.4+

File size:
345.4 KB (353,720 bytes)

Product version:
2012, 8, 29, 0

Copyright:
UUSEE

Original file name:
Localser.dll

File type:
Dynamic link library (Win32 DLL)

Language:
Chinese (Simplified, China)

Common path:
C:\Program Files\common files\allvideo\localserver.dll

Digital Signature
Signed by:
Beijing Yun Shi Tian Chuang Network Technology Co., Ltd.

Authority:
VeriSign, Inc.

Valid from:
9/6/2011 8:00:00 AM

Valid to:
9/6/2012 7:59:59 AM

Subject:
CN="Beijing Yun Shi Tian Chuang Network Technology Co., Ltd.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Beijing Yun Shi Tian Chuang Network Technology Co., Ltd.", L=beijing, S=beijing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
174077621B2DCD8AC54F1808044128EE

File PE Metadata
Compilation timestamp:
8/29/2012 5:17:58 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:L0u1xuvSRXfX4NuYQ90DwXONsf+VeibaTySpll/WTB1NzVAghQb:HxuKOuYQ9fqbbaTFplVWTn5Qb

Entry address:
0x1B3A6

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 63, B2, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 6A, 00, FF, 75, 14, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, CE, B2, 00, 00, 83, C4, 14, 5D, C3, 8B, FF, 55, 8B, EC, 33, C0, 39, 45, 0C, 76, 0F, 8B, 4D, 08, 80, 39, 00, 74, 07, 40, 41, 3B, 45, 0C, 72, F4, 5D, C3, 8B, FF, 55, 8B, EC, 51, 53, 8B, 45, 0C, 83, C0, 0C, 89, 45, FC, 64, 8B, 1D, 00, 00, 00, 00, 8B, 03, 64, A3, 00, 00, 00, 00, 8B, 45, 08, 8B...
 
[+]

Entropy:
6.4712

Code size:
232.5 KB (238,080 bytes)

Scan localserver.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.