mslog.dll

广西千炎网络科技有限公司

The module mslog.dll by 广西千炎网络科技有限公司 has been detected as a potentially unwanted program by 6 anti-malware scanners.
Publisher:
广西千炎网络科技有限公司  (signed and verified)

MD5:
996875531a6ed8070c5badc35c73e6ce

SHA-1:
95c264c1cb0775825d1cc4d1bfcecd085049bc25

SHA-256:
e3ffda3f44f192687abaca8b5b69c24dbb7427cc2d6ea28f7712d6be192e9ba3

Scanner detections:
6 / 68

Status:
Potentially unwanted

Analysis date:
1/15/2025 1:16:03 AM UTC

Scan engine | Detection | Engine version
AegisLab AV Signature | Troj.Atraps.A!c | 2.1.4+
Avira AntiVirus | TR/ATRAPS.A.18039 | 8.3.3.2
AVG | Generic | 2017.0.2767
IKARUS anti.virus | PUA.WuJi | t3scan.2.0.9.0
McAfee | Artemis!996875531A6E | 5600.6423
Rising Antivirus | PE:Malware.Generic(Thunder)!1.A1C4 [F] | 23.00.65.16419

File size:
272.1 KB (278,656 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\appdata\local\temp\mslog.dll

Digital Signature
Authority:
Thawte, Inc.

Valid from:
11/17/2015 8:00:00 AM

Valid to:
11/17/2016 7:59:59 AM

Subject:
CN=广西千炎网络科技有限公司, OU=技术, O=广西千炎网络科技有限公司, L=南宁, S=广西, C=CN

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
1ECA4D827EC25FB144574CEF9DE92C0E

File PE Metadata
Compilation timestamp:
12/19/2015 5:12:08 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:8O8Om64hNhw5K0vJcbLVN4b/ca5sj0zKrk3i3k11+6bwj64K/ootljDrTrA8o:18Om64hNhw5K0vJcbn4rasik180wj64B

Entry address:
0x249AE

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, F3, 5E, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 5D, E9, DC, ED, FF, FF, 8B, FF, 55, 8B, EC, 83, 7D, 08, 00, 74, 2D, FF, 75, 08, 6A, 00, FF, 35, 70, 0E, 04, 10, FF, 15, CC, 50, 03, 10, 85, C0, 75, 18, 56, E8, 34, 15, 00, 00, 8B, F0, FF, 15, 18, 50, 03, 10, 50, E8, E4, 14, 00, 00, 59, 89, 06, 5E, 5D, C3, 8B, FF, 55, 8B, EC, 53, 8B, 5D, 08, 83, FB, E0, 77, 6F, 56, 57, 83, 3D, 70, 0E, 04, 10, 00, 75...
 

Entropy:
6.5707

Code size:
208 KB (212,992 bytes)
