trackerui.dll

The library trackerui.dll has been detected as malware by 11 anti-virus scanners. The file has been observed being downloaded from cssetti.pl and multiple other hosts.

MD5:
eac0528b87a7d2d61b4b6ffd344e6020

SHA-1:
08666e7fe73e9d525173e6ea3199e839c8b8aa6c

SHA-256:
fc445c9ce2604aadc014a828cd6850816ee45899e566dca42c1990df41508cfa

Scanner detections:
11 / 68

Status:
Malware

Analysis date:
11/17/2024 9:35:06 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Kazy.513101 | 360 |
| Avira AntiVirus | TR/Kazy.145408.4 | 7.11.199.148 |
| Bitdefender | Gen:Variant.Kazy.513101 | 1.0.20.200 |
| Emsisoft Anti-Malware | Gen:Variant.Kazy.513101 | 8.16.02.09.01 |
| F-Secure | Gen:Variant.Kazy.513101 | 11.2016-09-02_3 |
| G Data | Gen:Variant.Kazy.513101 | 16.2.24 |
| McAfee | Artemis!EAC0528B87A7 | 5600.6494 |
| MicroWorld eScan | Gen:Variant.Kazy.513101 | 17.0.0.120 |
| Qihoo 360 Security | Win32/Trojan.aaf | 1.0.0.1015 |
| Rising Antivirus | PE:Trojan.Win32.Generic.17E474E7!400848103 | 23.00.65.16207 |
| Vba32 AntiVirus | suspected of Trojan.Downloader.gen.h | 3.12.26.3 |

File size:
142 KB (145,408 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\trackerui.dll

File PE Metadata
Compilation timestamp:
1/3/2015 8:21:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
2.22

CTPH (ssdeep):
3072:W83mpFmRTeHD6hEiggqjd7g11FDgtWF5pUAFrPeOzj/yWrdl:WYCFp6hEB5W1utInZGkj/yod

Entry address:
0x92190

Entry point:
80, 7C, 24, 08, 01, 0F, 85, F9, 01, 00, 00, 60, BE, 15, F0, 1A, 69, 8D, BE, EB, 1F, F9, FF, C7, 87, 58, 50, 08, 00, 40, F7, 04, 1B, 57, EB, 0E, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03...
 

Code size:
144 KB (147,456 bytes)

The file trackerui.dll has been seen being distributed by the following 2 URLs.
