home

olepro32.dll

Microsoft Corporation

Publisher:
Microsoft Corporation

 
Part of the Windows Operating System

Version:
6.1.7601.17514

MD5:
703ffd301ab900b047337c5d40fd6f96

SHA-1:
69de438ca22afa4ecf5f25edcdc3088f386f9552

SHA-256:
c09909b89183b89ba87cac8c5bebd0e995c5cb08cc9b9d1e88352103ee958857

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
4/23/2025 2:43:02 AM UTC  (today)

File size:
88 KB (90,112 bytes)

Product version:
6.1.7601.17514

Copyright:
© Microsoft Corporation. All rights reserved.

Trademarks:
Microsoft® is a registered trademark of Microsoft Corporation. Windows® is a registered trademark of Microsoft Corporation.

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Windows\System32\olepro32.dll

File PE Metadata
Compilation timestamp:
11/20/2010 8:05:12 PM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
9.0

CTPH (ssdeep):
1536:nzXN/AcSVa+K6HTcRz/YWzqxhnrHN+XagO/fjyXGBtwPFQJZG41Ttr1C:n5YRLKMQRTqXrHNWjO/2XGBit9wx

Entry address:
0x2754

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, C8, 01, 00, 00, 5D, E9, 89, FD, FF, FF, CC, CC, CC, CC, CC, CC, FF, 25, B4, 12, FC, 02, CC, CC, CC, CC, CC, CC, FF, 25, B0, 12, FC, 02, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 8B, 4D, 08, B8, 4D, 5A, 00, 00, 66, 39, 01, 74, 04, 33, C0, 5D, C3, 8B, 41, 3C, 03, C1, 81, 38, 50, 45, 00, 00, 75, EF, 33, D2, B9, 0B, 01, 00, 00, 66, 39, 48, 18, 0F, 94, C2, 8B, C2, 5D, C3, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, FF, 55, 8B...
 
[+]

Entropy:
6.3770

Code size:
69 KB (70,656 bytes)

43 ActiveX Installs
Name:
{3F932FFA-F092-4FDB-92C5-1285978614D2}

Name:
{99C709C7-4F58-46C1-855B-90213C760395}

Name:
{E4CF4E86-D0DC-4864-8F0E-4F6EA2526334}

Name:
{24F6E6A8-852C-45A8-ADD3-C4AB0D6FD231}

Name:
{39461460-2552-4D51-A062-3AB6A7B902E9}

Name:
{42E8651D-C437-4203-93F5-24E20C2C4465}


The file olepro32.dll has been seen being distributed by the following 3 URLs.

ftp://10.22.0.10/Stat_HADJ2016-26022016/PackageStatistiqueInscriptionP/.../olepro32.dll

ftp://192.168.1.10/ictuser/???????????????????????—??????/NHSOAuthen4_2016/.../olepro32.dll

http://gsz-ao.sourceforge.net/.../OLEPRO32.DLL

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.