home

testcode.dll

MD5:
cf5aed527d97391260c8af604e0e4f28

SHA-1:
19ac9bea4594609ee9c781eb07022610a7c5f65d

SHA-256:
ca728add58ebdc9bc94dd597442f83b099f6e067fafd47ddc9dc9f635f46a670

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/2/2024 1:32:22 PM UTC  (today)

Scan engine
Detection
Engine version

ViRobot
Backdoor.Win32.A.Hupigon.29184.E
2011.4.7.4223

File size:
28.5 KB (29,184 bytes)

File type:
Dynamic link library (Win32 DLL)

File PE Metadata
Compilation timestamp:
4/28/2012 2:50:24 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
384:mfVrMh3aJjXtV/Qhq0iDdJOCNYydwvkwUb3paB1PViCaG:oVrMFaRY9SCCG3UUB1diQ

Entry address:
0x110E6

Entry point:
E9, 65, 0D, 00, 00, E9, 9A, 27, 00, 00, E9, 7B, 19, 00, 00, E9, E6, 19, 00, 00, E9, 41, 0D, 00, 00, E9, 58, 06, 00, 00, E9, 75, 27, 00, 00, E9, 32, 19, 00, 00, E9, 8F, 27, 00, 00, E9, 48, 27, 00, 00, E9, 63, 06, 00, 00, E9, 86, 25, 00, 00, E9, 4B, 27, 00, 00, E9, 54, 07, 00, 00, E9, 75, 1B, 00, 00, E9, 5A, 06, 00, 00, E9, DD, 26, 00, 00, E9, 00, 1B, 00, 00, E9, 33, 27, 00, 00, E9, D4, 26, 00, 00, E9, 61, 1F, 00, 00, E9, 0C, 03, 00, 00, E9, 5D, 19, 00, 00, E9, 08, 27, 00, 00, E9, 5D, 19, 00, 00, E9, 78, 1C...
 
[+]

Entropy:
4.3160

Developed / compiled with:
Microsoft Visual C++ 8.0 (Debug)

Code size:
14.5 KB (14,848 bytes)

The file testcode.dll has been seen being distributed by the following 5 URLs.

http://download1670.mediafire.com/zcjq6fc6245g/.../ROBLOX DLL Hack!.dll

http://download2166.mediafire.com/jksloyt51ktg/.../Robloxexploit.dll

http://download2166.mediafire.com/ga3yrc8z8xag/.../Robloxexploit.dll

q=https://dl.dropbox.com/u/.../textcode.dll&redir_token=tMhohQi90jeMwEhLHW9eaOANXpZ8MTQyMDg0NDYyNEAxNDIwNzU4MjI0

http://205.196.121.232/jlw7a8swtvtg/.../Textcode.dll.dll

Scan testcode.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.