home

psapi.dll

Vulnerability and Exploit Detector

Stefan Kanthak

Publisher:
eSKamation http://eskamation.de/  (signed by Stefan Kanthak)

Product:
Vulnerability and Exploit Detector

Description:
Modul zur Demonstration und Erkennung von Schwachstellen

Version:
1.0.11.0

MD5:
9bd0411d80db54fcd969f863eeaf5999

SHA-1:
6f63f3d873c3187078aa1dd31cef5889544f1587

SHA-256:
425daa1ae7b9e72901f2ec7c0076ebbe67c3cbdac83c496804656d417c3635c0

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 6:51:33 PM UTC  (today)

File size:
25.1 KB (25,752 bytes)

Product version:
1.0

Copyright:
Copyright © 2004-2016, Stefan Kanthak

Original file name:
FORWARD.DLL

File type:
Dynamic link library (Win32 DLL)

Language:
German (Germany)

Digital Signature
Signed by:
Stefan Kanthak

Authority:
1&1 Mail & Media GmbH

Valid from:
9/11/2015 8:55:13 PM

Valid to:
9/10/2016 8:55:13 PM

Subject:
E=stefan.kanthak@web.de, CN=Stefan Kanthak, L=München, C=DE

Issuer:
E=trust@web.de, CN=WEB.DE TrustCenter E-Mail Certification Authority, OU=Trust Center, O=1&1 Mail & Media GmbH, L=D-76135 Karlsruhe, S=Baden-Wuerttemberg, C=DE

Serial number:
04605052

File PE Metadata
Compilation timestamp:
2/29/2016 5:16:30 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
384:rXfmf/t24zgZzi1XeGAca3elMonYPLtzsr38Ui6Yx+:otxzgZBca3erQzsri6o+

Entry address:
0x1000

Entry point:
55, 8B, EC, 51, 8B, 45, 0C, 89, 45, FC, 83, 7D, FC, 03, 0F, 87, F7, 01, 00, 00, 8B, 4D, FC, FF, 24, 8D, 38, 14, 00, 10, FF, 15, 50, 20, 00, 10, A3, 60, 30, 00, 10, 83, 3D, 60, 30, 00, 10, 00, 75, 02, EB, 6A, 68, 64, 30, 00, 10, 68, 0A, 02, 00, 00, 68, 40, 3B, 00, 10, 6A, 02, 8B, 15, 60, 30, 00, 10, 52, FF, 15, 4C, 20, 00, 10, 85, C0, 75, 02, EB, 46, 68, 40, 3B, 00, 10, 68, C8, 21, 00, 10, FF, 15, 40, 20, 00, 10, 85, C0, 75, 32, 6A, 00, 6A, 0C, 68, 68, 30, 00, 10, 6A, 01, A1, 60, 30, 00, 10, 50, FF, 15, 4C...
 
[+]

Entropy:
5.4865

Developed / compiled with:
Microsoft Visual C++

Code size:
1.5 KB (1,536 bytes)

Scan psapi.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.