home

ssinstall.dll

AVSoftware EOOD

The module ssinstall.dll by AVSoftware EOOD has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
AVSoftware EOOD  (signed and verified)

MD5:
567f95f0d7a96fa4ac3f5f2302c7fb35

SHA-1:
2ad97de03c8e638065999708cdbe4e13b679c934

SHA-256:
abdf295086ad7fba686f435acf9619f851f7909bd730b70ec9067f706bb626c3

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/23/2024 4:30:06 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.AVSoftware EOOD.AVSoftwareEOOD (M)
16.1.7.22

File size:
1.8 MB (1,869,544 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Program Files\searchassist\1_3\ssinstall.dll

Digital Signature
Signed by:
AVSoftware EOOD

Authority:
Symantec Corporation

Valid from:
12/30/2015 7:00:00 PM

Valid to:
6/3/2016 7:59:59 PM

Subject:
CN=AVSoftware EOOD, O=AVSoftware EOOD, L=Sofia, S=Sofia, C=BG

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
57ABCD2BCF9FD1CFD5A1BABF2579820E

File PE Metadata
Compilation timestamp:
1/7/2016 11:02:25 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:lyweUGsBhbuZPK/DOG7wmcxF7/BuSEiA+V7b1RplafAzQQAbvzxR4EB+dKH4y:AbhXCDOVmcbgS/VmIcX4EBvH4y

Entry address:
0x1896FC

Entry point:
55, 8B, EC, 83, C4, C0, B8, 00, FB, 57, 00, E8, F0, 1C, E8, FF, E8, 1F, CF, E7, FF, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.5221

Developed / compiled with:
Microsoft Visual C++

Code size:
1.5 MB (1,605,120 bytes)

Remove ssinstall.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.