trackerui.dll

The library trackerui.dll has been detected as malware by 11 anti-virus scanners. The file has been seen being downloaded from csiks.pl and multiple other hosts.
MD5:
f9299db302e9c8e81e67379dfcd8d190

SHA-1:
dd6da1b1650230003adf0bc5da6f7e8d9fcfa177

SHA-256:
93ceec5957e5600055483d5f322c5ea8fde2955d6e77305c7c4a73297289cecd

Scanner detections:
11 / 68

Status:
Malware

Analysis date:
11/17/2024 9:22:40 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Trojan.Heur.D.kmRfbOGQmUi | 893 |
| Avira AntiVirus | TR/Spy.168143 | 7.11.167.210 |
| AVG | Win32/DH | 2015.0.3371 |
| Bitdefender | Gen:Trojan.Heur.D.kmRfbOGQmUi | 1.0.20.1185 |
| Emsisoft Anti-Malware | Gen:Trojan.Heur.D.kmRfbOGQmUi | 8.14.08.25.09 |
| F-Secure | Gen:Trojan.Heur.D.kmRfbOGQmUi | 11.2014-25-08_2 |
| G Data | Gen:Trojan.Heur.D.kmRfbOGQmUi | 14.8.24 |
| McAfee | Artemis!F9299DB302E9 | 5600.7027 |
| MicroWorld eScan | Gen:Trojan.Heur.D.kmRfbOGQmUi | 15.0.0.711 |
| Trend Micro House Call | TROJ_GEN.R08NH09HH14 | 7.2.237 |
| Vba32 AntiVirus | suspected of Trojan.Downloader.gen.h | 3.12.26.3 |

File size:
164.2 KB (168,143 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\trackerui.dll

File PE Metadata
Compilation timestamp:
8/14/2014 6:47:20 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
2.22

CTPH (ssdeep):
3072:culR273eUd0C6EKavZjItptGibxZddg/5867863EApVAKOCBuHBNmTSIrVmkqibA:culR273eZjEVvtI/cibxZddg/586786s

Entry address:
0x3E440

Entry point:
80, 7C, 24, 08, 01, 0F, 85, D1, 01, 00, 00, 60, BE, 15, E0, DE, 64, 8D, BE, EB, 2F, FD, FF, 57, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, EF, 75, 09, 8B, 1E, 83, EE, FC, 11, DB, 73, E4, 31, C9, 83, E8, 03, 72, 0D, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 74, 89, C5, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB...

Entropy:
6.3725

Code size:
68 KB (69,632 bytes)

The file trackerui.dll has been seen being distributed by the following 2 URLs.

Remove trackerui.dll - Powered by Reason Core Security