Reason Labs

a.dll

The library a.dll has been detected as malware named Trojan.Elex.Archer.
MD5:
f5afbb649d183134cb2d54a8ec12430a

SHA-1:
13978883058a01e108a30d887fe6eebd1ea14c9f

SHA-256:
f9b3b68ebf3be5b56495684115f7be2d67e69489c4747b58e960046378eadf1d

Detection:
Trojan.Elex.Archer

Risk:
Medium

Analysis date:
10/21/2018 12:10:46 AM UTC

File size:
688 KB (704,512 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\a.dll

File PE Metadata
Compilation timestamp:
2/9/2017 4:10:39 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

Entry address:
0x2D657

Entry point:
55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 30, CD, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 0C, 68, F0, AB, 08, 10, E8, 9A, 09, 00, 00, 33, C0, 40, 8B, 75, 0C, 85, F6, 75, 0C, 39, 35, 80, F4, 09, 10, 0F, 84, E4, 00, 00, 00, 83, 65, FC, 00, 83, FE, 01, 74, 05, 83, FE, 02, 75, 35, 8B, 0D, 7C, E5, 07, 10, 85, C9, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D1, 89, 45, E4, 85, C0, 0F, 84, B1, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 11, FE, FF, FF, 89, 45, E4...
 

Entropy:
6.3432

Developed / compiled with:
Microsoft Visual C++

Characteristics:
0x8450

Code size:
499 KB (510,976 bytes)

There are numerous known code variants that share the same compilation structure.

