home

riched20.dll

Microsoft RichEdit Control, version 4.0

Microsoft Corporation

Publisher:
Microsoft Corporation

Product:
Microsoft RichEdit Control, version 4.0

Description:
Rich Text Edit Control, v4.0

Version:
5.40.11.2210

MD5:
6b53c96b13b4295f4758efc8f36faf5c

SHA-1:
313ba16c49717bd0eb6aac999b06f20704e2e594

SHA-256:
68b490d6b4fb2bef33cbe9cc9467829b05896e91e1399a59d55b285ece3167cf

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 10:46:13 PM UTC  (today)

File size:
512 KB (524,339 bytes)

Product version:
4.0

Copyright:
Copyright © Microsoft Corp. 1997-2000.

Original file name:
riched20.dll

File type:
Dynamic link library (Win32 DLL)

Language:
Language Neutral

Common path:
C:\Program Files\common files\microsoft shared\office10\riched20.dll

File PE Metadata
Compilation timestamp:
2/8/2001 6:51:06 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:k5wqDfTAI4uA7r7guhxBmbe1c1Strzj3MLSm/YrKhJXqo:k+M7AI4uATgu9SWrHJm/vF

Entry address:
0xF8C7

Entry point:
83, 7C, 24, 08, 00, 56, 0F, 85, EA, 00, 00, 00, E8, 4A, 04, 00, 00, E8, 72, 04, 00, 00, E8, 92, 04, 00, 00, E8, F2, 05, 00, 00, E8, 6F, 06, 00, 00, E8, 85, 06, 00, 00, E8, 97, 06, 00, 00, 8B, 35, 20, 30, 07, 48, 85, F6, 0F, 85, A6, 8E, 02, 00, 8B, 35, 68, 32, 07, 48, 85, F6, 0F, 85, AB, 8E, 02, 00, 83, 25, 68, 32, 07, 48, 00, E8, 80, 06, 00, 00, A1, F0, 31, 07, 48, 85, C0, 74, 5B, 50, 68, D0, 33, 07, 48, FF, 15, A8, C2, 06, 48, FF, 35, F0, 31, 07, 48, 68, E0, 33, 07, 48, E8, 69, 06, 00, 00, 83, 3D, CC, 33...
 
[+]

Entropy:
6.5893

Code size:
428 KB (438,272 bytes)

The file riched20.dll has been seen being distributed by the following 2 URLs.

ftp://10.0.153.250/AUTO CAD/autocad07/Bin/acadFeui/Program Files/Common Files/Microsoft Shared/.../RICHED20.DLL

http://deploy.avreo.com/downloads/.../riched20.dll

Scan riched20.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.