Reason Labs

VERSION.DLL

Version Checking and File Installation Libraries

Microsoft Corporation

It is included with the Windows 7 OS. The file has been seen being downloaded from update.ad-spider.com and multiple other hosts.
Publisher:
Microsoft Corporation

Product:
Microsoft® Windows® Operating System

Description:
Version Checking and File Installation Libraries

 
Part of the Windows 7 Operating System

Version:
6.1.7600.16385 (win7_rtm.090713-1255)

MD5:
94e026870a55aaeaff7853c1754091e9

SHA-1:
a4f845318e095d841b05e1400747ee4c28e1f28e

SHA-256:
b2f5d5629d12bdfa98dbed3898368f37d9009c7531b6909c7285a2c11c9a0f93

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
4/25/2019 9:15:25 AM UTC  (today)

File size:
28.5 KB (29,184 bytes)

Product version:
6.1.7600.16385

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
VERSION.DLL

File type:
Dynamic link library (Win64 DLL)

Language:
English (United States)

Common path:
C:\Windows\System32\version.dll

File PE Metadata
Compilation timestamp:
7/13/2009 9:33:54 PM

OS version:
6.1

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
9.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
768:gijRxPKAwG4oz5axBrZncEvSbwRmckPxiTr1doy2oO6/N:XRxPes5aVncDUmckPxiTJSoO6/N

Entry address:
0x1064

Entry point:
48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 49, 8B, F8, 8B, DA, 48, 8B, F1, 83, FA, 01, 0F, 84, 5E, 02, 00, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, EB, 07, 90, 90, 90, 90, 90, 90, 90, 4C, 89, 44, 24, 18, 89, 54, 24, 10, 48, 89, 4C, 24, 08, 53, 56, 57, 48, 81, EC, 40, 01, 00, 00, 8B, FA, 48, 8B, F1, BB, 01, 00, 00, 00, 89, 5C, 24, 20, 89, 15, 38, 6F, 00, 00, 85, D2, 0F, 84, 73, 03, 00, 00, 83, FA, 01, 74, 05, 83, FA, 02, 75, 32, 48, 8B...
 
[+]

Entropy:
5.5057

Code size:
17 KB (17,408 bytes)

The file VERSION.DLL has been seen being distributed by the following URLs.

http://update.ad-spider.com/adspider2010/.../version_WIN7_64.dll

http://update2.ad-spider.com/adspider2010/.../version_WIN7_64.dll

http://update.ad-spider.com/adspider2010_X64/.../version_WIN7_64.dll

http://update.gratolab.com/X64/.../version_WIN7_64.dll

Clean
kernel32.dll  (f9ac70c562ba70dd7917e99b00ed6878531de66f)

Clean
kernelbase.dll  (90b069cbc93c701394b47d4e830cdd7d384f5d5c)

Clean
ntdll.dll  (3a2bae6036ff2d23309a7b93ab562494c50df236)

Clean
shlwapi.dll  (0ba38e91bf0e9d554e8dfea0ed6ea1214f9952a3)

Clean
gdi32.dll  (6a20fe18619dc46e379c42f12ed761749053cbf9)

Clean
user32.dll  (8b997b38e179cd03c0a2e87bddbc1ebca39a8630)

Clean
advapi32.dll  (453d4c3bf4a489433b593420a37bbffb7749875a)

Clean
msvcrt.dll  (df2756c114ca2d3b2b16d459a93f285924a55202)

Clean
sechost.dll  (2ae4ea1e2f2248a86f0dd25a1cbf828b5496fa79)

Clean
rpcrt4.dll  (0a2886a248c8d157ba89f4d5296a0b30f1a6424c)

Clean
sspicli.dll  (fda5de62a80510b1e02dae814cd6caa0a8fa035f)

Clean
cryptbase.dll  (d5fefb6b6ab0591f28d878b2d05e301ddc7957ab)

Clean
lpk.dll  (769bd7c18f82272b110f3bad913b28b0f7401d09)

Clean
userenv.dll  (83d1722a35eb16b010d8c9f72c627e97d4642101)

Clean
PROFAPI.DLL  (263e8fbf77c0ceead0c9bca56394bffa4a664361)

Clean
winmm.dll  (c53e005cd04d99331ce3114ac119256133202313)

Download Reason Core Security - Powerful anti-malware software