MFC100.DLL

Microsoft Visual Studio 10

Nanjing Tongxiang Network Technology Co.,LTD

While the file properties state the file is developed by 'Microsoft Corporation', this is not the case and it is designed just to look like a legitimate Microsoft system file. The library MFC100.DLL, “MFCDLL Shared Library - Retail Version” has been detected as malware by 3 anti-virus scanners.
Publisher:
Microsoft Corporation  (signed by Nanjing Tongxiang Network Technology Co.,LTD)

Product:
Microsoft® Visual Studio® 10

Description:
MFCDLL Shared Library - Retail Version

Version:
10.00.40219.01

MD5:
4e2fb9efcb1e217c1cf6d8d0e783673f

SHA-1:
03f2efbd2bbc0c3208d67f0d8bf254396d65c786

SHA-256:
ad43a5fb3d2e9f5c20bd21c67a9a28e76d4dd81f04338e4e6773bbcbecf113df

Scanner detections:
3 / 68

Status:
Malware

Analysis date:
11/23/2024 10:18:15 AM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
Win32/Floxif.H virus
6.3.12010.0

F-Prot
W32/Floxif.B
4.6.5.141

F-Secure
Win32.Floxif.A
5.16.24

File size:
4.3 MB (4,476,207 bytes)

Product version:
10.00.40219.01

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
MFC100.DLL

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\wi-fi\mfc100.dll

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
3/18/2014 5:45:00 AM

Valid to:
3/18/2017 5:44:59 AM

Subject:
CN="Nanjing Tongxiang Network Technology Co.,LTD", OU=IT, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Nanjing Tongxiang Network Technology Co.,LTD", L=Nanjing, S=Jiangsu, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
6AC8AF24C602CB90FE71875F1C4CEC80

File PE Metadata
Compilation timestamp:
2/19/2011 8:08:52 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
10.0

Entry address:
0x25DAA9

Entry point:
E9, 1A, 51, EC, FF, 83, 7D, 0C, 01, 75, 05, E8, C8, 03, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, C7, FE, FF, FF, 59, 5D, C2, 0C, 00, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 98, A9, E1, 78, 89, 0D, 94, A9, E1, 78, 89, 15, 90, A9, E1, 78, 89, 1D, 8C, A9, E1, 78, 89, 35, 88, A9, E1, 78, 89, 3D, 84, A9, E1, 78, 66, 8C, 15, B0, A9, E1, 78, 66, 8C, 0D, A4, A9, E1, 78, 66, 8C, 1D, 80, A9, E1, 78, 66, 8C, 05, 7C, A9, E1, 78, 66, 8C, 25, 78, A9, E1, 78, 66, 8C, 2D, 74, A9, E1, 78...
 
[+]

Entropy:
7.0728

Packer / compiler:
Xtreme-Protector v1.05

Code size:
2.7 MB (2,813,952 bytes)

Remove MFC100.DLL - Powered by Reason Core Security