sporder.dll

WinSock2 reorder service providers

Atom Security OOO

Although the file properties state that the file was developed by 'Microsoft Corporation', this is not the case: the file is designed to look like a legitimate Microsoft system file. The module sporder.dll, “WinSock2 reorder service providers” by Atom Security OOO, has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat.
Publisher:
Microsoft Corporation  (signed by Atom Security OOO)

Product:
Microsoft® Windows® Operating System

Description:
WinSock2 reorder service providers

Version:
5.2.3790.0 (srv03_rtm.030324-2048)

MD5:
1647ed04b19b8b8ade3c082c79bce8a8

SHA-1:
d4e6c437de5e2298160ff8ca135d8489280357f3

SHA-256:
34652f22426249966f406654ae5cf29f458e8c1778c93051a708810bce20beee

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/28/2024 2:44:46 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Optional.AtomSecu

Engine version:
16.10.4.14

File size:
16.1 KB (16,472 bytes)

Product version:
5.2.3790.0

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
sporder.dll

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\ltprx\sporder.dll

Digital Signature
Authority:
COMODO CA Limited

Valid from:
6/27/2014 4:00:00 AM

Valid to:
6/28/2015 3:59:59 AM

Subject:
CN=Atom Security OOO, OU=development, O=Atom Security OOO, STREET="Academician Koptyuga Prospect, 4,office 158", L=Novosibirsk, S=nso, PostalCode=630090, C=RU

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
008200A1D4B7C395979CA095ACAC936522

File PE Metadata
Compilation timestamp:
3/25/2003 1:46:36 PM

OS version:
5.2

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
192:Mb+NFZv/IcZvJIRTCf0MON8JfhW1qoX8WmnYe+PjPpbbhXHOrpg2I7uGauospvxD:RzZvAcZx5sMLW1xX8WmnYPLnOrLiqI

Entry address:
0x1130

Entry point:
33, C0, 40, C2, 0C, 00, 55, B8, 84, 23, 00, 00, 8D, AC, 24, 68, FB, FF, FF, E8, 78, 0B, 00, 00, A1, 34, 21, A7, 47, 53, 68, BC, 10, A7, 47, 89, 85, 94, 04, 00, 00, FF, 15, 24, 10, A7, 47, 33, DB, 3B, C3, 74, 23, 68, A4, 10, A7, 47, 50, FF, 15, 20, 10, A7, 47, 3B, C3, 74, 13, FF, B5, A4, 04, 00, 00, FF, B5, A0, 04, 00, 00, FF, D0, E9, B7, 03, 00, 00, 81, BD, A4, 04, 00, 00, E8, 03, 00, 00, 89, 9D, 80, 00, 00, 00, 76, 08, 6A, 08, 58, E9, 9D, 03, 00, 00, 68, 1C, 21, A7, 47, 53, 53, FF, 15, 1C, 10, A7, 47, 3B...
 

Code size:
4 KB (4,096 bytes)
