trackerui.dll

The library trackerui.dll has been detected as malware by 9 anti-virus scanners. The file has been seen being downloaded from csiks.pl and multiple other hosts.
MD5:
90544363cdb47d7447ec414ee5141253

SHA-1:
e5aa37c8f4cd410d154a9ffb56171dca37d5fed1

SHA-256:
2c0f7c845784a8694417ec334487dbdb4aef8b5571eb4a391b4cb735c43f3897

Scanner detections:
9 / 68

Status:
Malware

Analysis date:
11/17/2024 9:37:19 AM UTC

Scan engine | Detection | Engine version
Avira AntiVirus | TR/Spy.148258 | 7.11.151.92
Bitdefender | Gen:Trojan.Heur.D.jmRfbeoqXGj | 1.0.20.755
Emsisoft Anti-Malware | Gen:Trojan.Heur.D.jmRfbeoqXGj | 8.14.05.31.01
F-Secure | Gen:Trojan.Heur.D.jmRfbeoqXGj | 11.2014-31-05_7
G Data | Gen:Trojan.Heur.D.jmRfbeoqXGj | 14.5.24
IKARUS anti.virus | Trojan.Win32.Spy | t3scan.1.6.1.0
MicroWorld eScan | Gen:Trojan.Heur.D.jmRfbeoqXGj | 15.0.0.453
Norman | Suspicious_Gen5.AOSJF | 11.20140531
Vba32 AntiVirus | suspected of Trojan.Downloader.gen.h | 3.12.26.0

File size:
144.8 KB (148,258 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\trackerui.dll

File PE Metadata
Compilation timestamp:
4/16/2014 12:48:25 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
2.23

CTPH (ssdeep):
3072:HN5nbS3InI+sHv0SW4aMGiz+NEoymY2MGAwN/K6786TEnCAIpi9MxipEl7BuHBT0:t5bSYn3Uv0Ma7wa1SGAwN/K6786TEnCR

Entry address:
0x476D0

Entry point:
80, 7C, 24, 08, 01, 0F, 85, D1, 01, 00, 00, 60, BE, 15, 30, AF, 63, 8D, BE, EB, DF, FC, FF, 57, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, EF, 75, 09, 8B, 1E, 83, EE, FC, 11, DB, 73, E4, 31, C9, 83, E8, 03, 72, 0D, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 74, 89, C5, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB...
 

Code size:
84 KB (86,016 bytes)

The file trackerui.dll has been seen being distributed by the following 3 URLs.
