home

windows7.dll

MD5:
1882763d087278cba1c54dc5e57dbe57

SHA-1:
612de7f0258fb0e52032efbdc84c8ca6f0a70ab3

SHA-256:
7a562462491fe45b28bc13eb380960883e1a444b289c84f4b458c1704c380725

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/16/2024 8:30:28 PM UTC  (today)

File size:
3.3 MB (3,512,557 bytes)

File type:
Dynamic link library (Win64 DLL)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\inetcache\content.ie5\u5o2jsta\windows7.dll

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
98304:h1sNviBf7Ewj6ZDBGiwefYO5gCHjmUhlM:h12iBf7Ew+ZDBsP21DXlM

Entry point:
4D, 53, 43, 46, 00, 00, 00, 00, ED, 98, 35, 00, 00, 00, 00, 00, 2C, 00, 00, 00, 00, 00, 00, 00, 03, 01, 01, 00, 01, 00, 00, 00, 00, 00, 00, 00, 49, 00, 00, 00, 5D, 04, 03, 15, 00, 52, 2E, 02, 00, 00, 00, 00, 00, 00, 69, 41, 99, 5C, 20, 00, 77, 69, 6E, 64, 6F, 77, 73, 37, 2E, 64, 6C, 6C, 00, 50, 66, EE, E3, 34, 24, 00, 80, 5B, 80, 80, 8D, 54, 10, D0, B2, 00, 00, 32, 42, 00, 24, 00, 00, 0F, 00, BE, FF, 57, 5F, F5, D6, DA, D6, B6, D9, DA, D6, 40, DB, C8, D8, 03, 67, 01, 89, 50, D8, A8, 4C, 73, 7D, 19, 02, 4E...
 
[+]

Entropy:
7.9977  (probably packed)

The file windows7.dll has been seen being distributed by the following 3 URLs.

http://mylabs.px.pearsoned.com/SIMrepository/web/.../wxOpIBII7IUdYgP2GP&SessionID=vn5qedntxipy3xki0mofbl5n

http://mylabs.px.pearsoned.com/SIMrepository/web/.../UyowKQys8hFMAuMHS&SessionID=2hmgl2x0ezqsc3gqijvtc5el

http://mylabs.px.pearsoned.com/SIMrepository/.../servecontent.pctp?intAssetID=639&FileMode=3&TokenID=8qwGBHbQMcUcXeQOXkQukqJjpIQ1ADRy&SessionID=sqwpozcdci55sfuvrk22oajl

Scan windows7.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.