» qtiplayer40.dll
Overview
Analysis
File Details
Downloads (4)

qtiplayer40.dll

File name:

qtiplayer40.dll

MD5:

cda960b1f1c437243a0b0a4ba02d54d1

SHA-1:

d74fd94f79daf8ff5e92dbf19dc0cfcb9a30b8be

SHA-256:

33fdbf833d4f755feab05f6f6887e7b4903f77d7a129cfcf5ab56a40903811d1

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/16/2024 8:33:49 PM UTC (today)

File size:

66.1 KB (67,692 bytes)

File type:

Dynamic link library (Win64 DLL)

Common path:

C:\Documents and Settings\{user}\Local settings\temporary internet files\content.ie5\{random}\qtiplayer40.dll

File PE Metadata

OS bitness:

Win64

CTPH (ssdeep):

1536:CcffgiF8fVcMEmMKiEwzZTMZvYol0LL59oBt3VSPD:Hj2EmUndolw5WsD

Entry point:

4D, 53, 43, 46, 00, 00, 00, 00, 6C, 08, 01, 00, 00, 00, 00, 00, 2C, 00, 00, 00, 00, 00, 00, 00, 03, 01, 01, 00, 01, 00, 00, 00, 00, 00, 00, 00, 4C, 00, 00, 00, 08, 00, 03, 15, 00, 90, 03, 00, 00, 00, 00, 00, 00, 00, 45, 3E, D3, 94, 20, 00, 51, 54, 49, 50, 6C, 61, 79, 65, 72, 34, 30, 2E, 64, 6C, 6C, 00, 14, C7, 32, EB, 20, 25, 00, 80, 5B, 80, 80, 8D, 27, 20, 16, AB, 6D, DB, 00, B0, 42, 00, 24, 23, 00, 00, 00, 00, FF, 0F, DB, BE, DE, F6, E5, B7, 97, 94, 40, 4A, 60, 4A, 4C, D8, 43, 2E, C8, 2E, 74, E5, BB, 90... 
[+]

Entropy:

7.9962 (probably packed)

The file qtiplayer40.dll has been seen being distributed by the following 4 URLs.

http://mylabs.px.pearsoned.com/SIMrepository/web/.../wxOpIBII7IUdYgP2GP&SessionID=vn5qedntxipy3xki0mofbl5n

http://mylabs.px.pearsoned.com/SIMrepository/.../servecontent.pctp?intAssetID=501&FileMode=3&TokenID=o7BCPvps9Uhg94w5taZmyICUe3yozu4j&SessionID=c3z0pp4oz2ktgrbc2agmo2ei

http://mylabs.px.pearsoned.com/SIMrepository/web/.../UyowKQys8hFMAuMHS&SessionID=2hmgl2x0ezqsc3gqijvtc5el

http://mylabs.px.pearsoned.com/SIMrepository/.../servecontent.pctp?intAssetID=501&FileMode=3&TokenID=8qwGBHbQMcUcXeQOXkQukqJjpIQ1ADRy&SessionID=sqwpozcdci55sfuvrk22oajl

Scan qtiplayer40.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.