MSVCP90.DLL

Microsoft Visual Studio 2008

LionSea Software co., ltd

MSVCP90.DLL is the runtime components of Visual C++ Libraries required to run applications developed with Visual C++ and is recompiled by LionSea Software co., ltd. While the file properties state the file is developed by 'Microsoft Corporation', this is not the case and it is designed just to look like a legitimate Microsoft system file. The module MSVCP90.DLL, “Microsoft® C++ Runtime Library” by LionSea Software co., ltd has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. Although a detection has been made for this resource, it is generally a commonly distributed 3rd-party library and is typically safe by itself.
Publisher:
Microsoft Corporation  (signed by LionSea Software co., ltd)

Product:
Microsoft® Visual Studio® 2008

Description:
Microsoft® C++ Runtime Library

Version:
9.00.30729.1

MD5:
ede0d85547dc3910ff3a2a9fba6f52cf

SHA-1:
5a70dcb2ce6cb942e0be272d873e9eccdeb84076

SHA-256:
4a17c03fb72ea566ab287a697456bae7c6a5c6fa7df909ce1d8a519125901036

Scanner detections:
1 / 68

Status:
Potentially unwanted

Explanation:
This is the runtime components of Visual C++ Libraries required to run applications developed with Visual C++. While the file itself is not dangerous, it is part of a program that has been detected.

Analysis date:
11/23/2024 2:57:01 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.LionSea (M)
16.9.26.9

File size:
556.8 KB (570,168 bytes)

Product version:
9.00.30729.1

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
MSVCP90.DLL

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\wisefixer\msvcp90.dll

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
2/7/2012 6:00:00 PM

Valid to:
2/7/2013 5:59:59 PM

Subject:
CN="LionSea Software co., ltd", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="LionSea Software co., ltd", L=beijing, S=beijing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5C82730AFCB40651922D0DB016CEEFF7

File PE Metadata
Compilation timestamp:
7/29/2008 5:54:01 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
12288:L0/veMyZ137mSEWT0VkypLvNLehUgiW6QR7t5183Ooc8SHkC2eM8s:L0SZ13iwJmNLq83Ooc8SHkC2eo

Entry address:
0x39DD7

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, D3, 04, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, C7, FE, FF, FF, 59, 5D, C2, 0C, 00, CC, CC, CC, CC, CC, CC, FF, 25, 48, 11, 48, 78, CC, CC, CC, CC, CC, CC, FF, 25, 4C, 11, 48, 78, CC, CC, CC, CC, CC, CC, FF, 25, 50, 11, 48, 78, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 83, 3D, 58, 77, 50, 78, 00, 74, 2D, 55, 8B, EC, 83, EC, 08, 83, E4, F8, DD, 1C, 24, F2, 0F, 2C, 04, 24, C9, C3, 83, 3D, 58, 77, 50, 78, 00, 74, 11, 83, EC...
 
[+]

Entropy:
6.5235

Code size:
525 KB (537,600 bytes)

Remove MSVCP90.DLL - Powered by Reason Core Security