home

octres.dll

Ресурсы для центра развертывания Microsoft Office

Microsoft Corporation

OCTres provides the localized resources of the Russian language version (strings, images, icons, menu items) for the MS Office Customization tool. OCT is part of the Setup program and used to customize the installation of the Windows Installer-based Office.
Publisher:
Корпорация Майкрософт  (signed by Microsoft Corporation)

Product:
Ресурсы для центра развертывания Microsoft Office

Version:
15.0.4420.1017

MD5:
a0c17e192201af3647f01069d04de6e4

SHA-1:
fb5825241bbd5723cb0cbe27f4f5aecbc61ed4cb

SHA-256:
0554a231435c039a8c61448abc1e7eda0b7fa514ad5c7dbebe9a1f33c75f2904

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
1/14/2025 9:27:41 PM UTC  (today)

File size:
419.6 KB (429,680 bytes)

Product version:
15.0.4420.1017

Original file name:
octres.dll

File type:
Dynamic link library (Win64 DLL)

Language:
Russian (Russia)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\admin\ru-ru\octres.dll

Digital Signature
Signed by:
Microsoft Corporation

Authority:
Microsoft Corporation

Valid from:
7/26/2012 1:50:41 PM

Valid to:
10/26/2013 1:50:41 PM

Subject:
CN=Microsoft Corporation, OU=MOPR, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:
CN=Microsoft Code Signing PCA, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:
3300000088590E3C511FE26A67000100000088

File PE Metadata
Compilation timestamp:
9/29/2012 9:36:02 AM

OS version:
6.1

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
10.10

CTPH (ssdeep):
3072:vWG2Gh8/0D7UGIPCDT3iek/o3Dt0em/8ckeNPmMl:uG337nhP3iN/o6nPm

Entry point:
4D, 5A, 90, 00, 03, 00, 00, 00, 04, 00, 00, 00, FF, FF, 00, 00, B8, 00, 00, 00, 00, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, C0, 00, 00, 00, 0E, 1F, BA, 0E, 00, B4, 09, CD, 21, B8, 01, 4C, CD, 21, 54, 68, 69, 73, 20, 70, 72, 6F, 67, 72, 61, 6D, 20, 63, 61, 6E, 6E, 6F, 74, 20, 62, 65, 20, 72, 75, 6E, 20, 69, 6E, 20, 44, 4F, 53, 20, 6D, 6F, 64, 65, 2E, 0D, 0D, 0A, 24, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
4.7697

The file octres.dll has been seen being distributed by the following 2 URLs.

ftp://ftp.ptcl.net.pk/Helpdesk-Software/Office 2013/Office_Professional_Plus_2013_64Bit_English/admin/.../octres.dll

ftp://hpc.dvrcam.net/Office/Office 2013/Office 2013 64/Admin/.../octres.dll

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.