home

openssleay32.dll

The OpenSSL Toolkit

OOO Russkie Internet Reshenija

ssleay32.dll is the libeay32.dll binary is part of the OpenSSL Project used to implement Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols for the included program and is recompiled by OOO Russkie Internet Reshenija. The library openssleay32.dll, “OpenSSL Shared Library” by OOO Russkie Internet Reshenija has been known to be a potentially unwanted program that has been detected by 1 anti-malware scanner. Although a detection has been made for this resource, it is generally a commonly distributed 3rd-party library and is typically safe by itself.
Publisher:
The OpenSSL Project, http://www.openssl.org/  (signed by OOO Russkie Internet Reshenija)

Product:
The OpenSSL Toolkit

Description:
OpenSSL Shared Library

Version:
1.0.1e

MD5:
a71e4603bde4be83809f1e2e07d671e9

SHA-1:
fbf17d9dc65587770fd61fde3937316ab95f32e9

SHA-256:
0acfa74a823cacddb8f110894529b1d330d8e80a1da9d25fb9b031a0e0b9b8e7

Scanner detections:
1 / 68

Status:
Inconclusive but possibly unwanted  (It is part of a common redistributable library)

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/5/2024 10:56:43 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Common.OpenSSLPackaged.PUP.OOORusskieInternetReshenija (M)
15.6.30.6

File size:
266.4 KB (272,768 bytes)

Product version:
1.0.1e

Copyright:
Copyright © 1998-2005 The OpenSSL Project. Copyright © 1995-1998 Eric A. Young, Tim J. Hudson. All rights reserved.

Original file name:
ssleay32.dll

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\appdata\roaming\4talk\libs\openssleay32.dll

Digital Signature
Signed by:
OOO Russkie Internet Reshenija

Authority:
Thawte, Inc.

Valid from:
12/29/2012 4:00:00 AM

Valid to:
2/28/2015 3:59:59 AM

Subject:
CN=OOO Russkie Internet Reshenija, OU=IT Department, O=OOO Russkie Internet Reshenija, L=Moscow, S=Moscow, C=RU

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
70E974F1D705599BD16FE4CFA4DA84A9

File PE Metadata
Compilation timestamp:
10/31/2013 12:59:03 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
9.0

CTPH (ssdeep):
6144:av2jNs+sQxH573TVsSagqUQtVUtloiE9Px3xDtuZ9W/4c0dvVuKBaONoWYezVPqv:avN+sQh573TVDagXWVUtlPE9Px3xDtui

Entry address:
0x31340

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 3A, 04, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, CC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 58, 0F, 04, 10, 89, 0D, 54, 0F, 04, 10, 89, 15, 50, 0F, 04, 10, 89, 1D, 4C, 0F, 04, 10, 89, 35, 48, 0F, 04, 10, 89, 3D, 44, 0F, 04, 10, 66, 8C, 15, 70, 0F, 04, 10, 66, 8C, 0D, 64, 0F, 04, 10, 66, 8C, 1D, 40, 0F, 04, 10, 66, 8C, 05, 3C, 0F, 04, 10, 66, 8C, 25, 38, 0F, 04, 10, 66, 8C, 2D, 34, 0F, 04, 10, 9C, 8F, 05, 68, 0F...
 
[+]

Code size:
194.5 KB (199,168 bytes)

Scan openssleay32.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.