s1t.dll

The module s1t.dll has been detected as a potentially unwanted program by 20 anti-malware scanners. The file has been seen being downloaded from conexaocheats.net.
MD5:
4d864b7c8d71d44db44bac01307328fb

SHA-1:
de40d759423d4ab8c0aaa1ddadce232a2240e0aa

SHA-256:
91d028cd44471e123aa37c3846d23039c1b96fdb9b46a8e35ffdf860304d3123

Scanner detections:
20 / 68

Status:
Potentially unwanted

Analysis date:
12/26/2024 1:55:33 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Trojan.Generic.14774691 | 384 |
| Avira AntiVirus | TR/Black.Gen2 | 8.3.1.6 |
| Arcabit | Trojan.Generic.DE171A3 | 1.0.0.425 |
| avast! | Win32:Malware-gen | 2014.9-160117 |
| AVG | Win32/Blacked | 2017.0.2862 |
| Baidu Antivirus | PUA.Win32.VMProtect | 4.0.3.16117 |
| Bitdefender | Trojan.Generic.14774691 | 1.0.20.85 |
| Emsisoft Anti-Malware | Trojan.Generic.14774691 | 8.16.01.17.03 |
| ESET NOD32 | Win32/Packed.VMProtect.ABD (variant) | 10.11888 |
| Fortinet FortiGate | W32/VMProtBad.A!tr | 1/17/2016 |
| F-Secure | Trojan.Generic.14774691 | 11.2016-17-01_1 |
| G Data | Trojan.Generic.14774691 | 16.1.25 |
| IKARUS anti.virus | Trojan.Win32.VMProtect | t3scan.1.9.5.0 |
| K7 AntiVirus | Trojan | 13.205.16459 |
| McAfee | Artemis!4D864B7C8D71 | 5600.6518 |
| MicroWorld eScan | Trojan.Generic.14774691 | 17.0.0.51 |
| nProtect | Trojan.Generic.14774691 | 15.07.03.02 |
| Qihoo 360 Security | HEUR/QVM36.0.Malware.Gen | 1.0.0.1015 |
| Sophos | Mal/VMProtBad-A | 4.98 |
| VIPRE Antivirus | Trojan.Win32.Generic | 41694 |

File size:
127.5 KB (130,560 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\appdata\local\temp\s1t.dll

File PE Metadata
Compilation timestamp:
5/20/2015 7:12:59 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
3072:9c4OrPagQbrQ52xQS0BMjtscRZeSBM7suSUCaro2ZJg7xUEnFE+VxGvM:erPlusIWWsc/ew8suFPo2fYhnFE+zGvM

Entry address:
0x1FD17

Entry point:
E8, 05, 59, FF, FF, A5, 20, FC, BC, 8E, FB, 79, B0, 8C, 23, BB, E8, CA, AB, B9, 60, 9C, 60, C2, 3F, FD, A4, 36, 13, F1, 3C, 1E, 97, 2B, 13, 4F, D7, 0B, 63, 71, A7, A6, 57, 85, 06, 64, A3, F4, F3, 2F, 0B, 49, 48, 65, 5E, AD, 5E, CF, 1D, D6, 72, 25, 06, E3, 81, BA, C8, 0F, 2B, 67, 53, 11, DE, 44, C9, AB, 5A, 8E, 2E, 6A, F2, 90, 5F, 0F, 4B, 97, F3, B7, 65, 32, 46, 9A, 62, F0, 62, 1E, 58, A3, F3, B7, 9A, A9, D3, 67, 51, 12, 2D, 83, 6A, 44, 26, B9, CB, 8C, 1E, A5, E1, 3D, F5, 27, E0, 75, 33, 85, D9, AB, 6C, 3C...
 

Code size:
13 KB (13,312 bytes)

The file s1t.dll has been seen being distributed by the following URL.
