home

SHDocVw.dll

Assembly imported from type library SHDocVw

Product:
Assembly imported from type library SHDocVw

Version:
1.1.0.0

MD5:
bed1809e37f1454e211f6915eb1889bc

SHA-1:
f3fad706566f40627b595381c3fee827c574a698

SHA-256:
5d4ad7804e7ec4f6cd68cde6a3b4231742abfc17fc7bb8cc6a731d2553aedb96

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/14/2024 9:22:47 PM UTC  (today)

File size:
128 KB (131,072 bytes)

Product version:
1.1.0.0

Original file name:
SHDocVw.dll

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\inetcache\ie\{random}\shdocvw.dll

File PE Metadata
Compilation timestamp:
1/17/2006 11:19:56 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
6.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:zgZqe+Ocdmv4ZC7kV+HAx6zg7VxuLYlSfsJWTg9an0h+bIVCv85mjQtK3En73Z3F:zgZqe+Ocdmv4ZC7kV+HAx6zg7VxuLYlz

Entry address:
0x1E78E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
5.2814

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
116 KB (118,784 bytes)

The file SHDocVw.dll has been seen being distributed by the following 3 URLs.

http://fr.kimia.gov.my/.../SHDocVw.DLL

http://localhost/STARLIMS11.SQL/.../SHDocVw.DLL

https://sasprod.starlimscloud.com/starlims11.sas.prod/.../SHDocVw.DLL

Scan SHDocVw.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.