The test dll File Malware Analysis
Gridinsoft Logo

The test.dll File Analysis

Updated 1 year ago
Checked by Malware Check
test.dll

Technical Analysis

File Name test.dll
File Type
Win32 DLL
Magic Bytes PE32+ executable (DLL) (console) x86-64, for MS Windows
SSDEEP Hash
768:8I64gvWEU9weHSxy1x7mWV8o86vsCSNDvT/zg64wRUVa6QvglRWu3Kdm2we29sO:L0Aw08o8MsCSZT/zBRUZQv+WY6G19s
Scanner Version 1.0.165.174
Database Version 2024-02-18 21:00:22 UTC

Suspicious File Detected

Detected by 18 security engines - requires caution

This file requires additional checking for potential threats. Based on suspicious indicators, we will soon add it to our virus database.
26%
Detection Rate
87,552
File Size (bytes)
18/70
Engines Detected
2024-02-18
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
851915b28b18344d6e9884bec94a55f8
SHA1
4e632d7024acaad96fe8fbb2f939ce736df66552
SHA256
5c23976791858bf33b649d9068a102bfee948f0e1b5db669ae854a6ade5a1cb1
SHA512
b138cbefbc63a51ea617a61a608c45bafa72c9bb799d9700744ebf49f53148517023a7d988366a9548049ed0a0e3a7bcc0fb7b5dbc6c02b297b1d27c7cbd609c
ImpHash
3a71f698cff7d8742d6672d014462008

Security Engines with Detections (18 of 70)

MicroWorld-eScan
Gen:Variant.Midie.142178 Malicious
FireEye
Gen:Variant.Midie.142178 Malicious
CrowdStrike
win/malicious_confidence_70% (D) Malicious
ESET-NOD32
a variant of Win64/GameHack_AGen.UW potentially unsafe Malicious
Cynet
Malicious (score: 100) Malicious
Kaspersky
VHO:Trojan.Win32.Convagent.gen Malicious
BitDefender
Gen:Variant.Midie.142178 Malicious
Emsisoft
Gen:Variant.Midie.142178 (B) Malicious
VIPRE
Gen:Variant.Midie.142178 Malicious
MAX
malware (ai score=86) Malicious
Microsoft
Program:Win32/Wacapew.C!ml Malicious
Arcabit
Trojan.Midie.D22B62 Malicious
ZoneAlarm
VHO:Trojan.Win32.Convagent.gen Malicious
GData
Gen:Variant.Midie.142178 Malicious
Google
Detected Malicious
ALYac
Gen:Variant.Midie.142178 Malicious
Rising
Trojan.Penguish!8.18A49 (TFE:5:WwLsm3WG3PQ) Malicious
Ikarus
Trojan.Win64.Agent Malicious
52 engines reported no threats - Only engines with detections are shown above for clarity

PE Analysis

Basic Information

Image Base 0x180000000
Entry Point 0x180011070
Compilation Time 2024-02-18 16:43:10
Checksum 0x00000000 (Actual: 0x00023a0e)
OS Version 6.0
PEiD Signatures PE32+ executable (DLL) (console) x86-64, for MS Windows
PDB Path C:\Users\mrkz1337\Downloads\novoline-fortnite-internal-main\novoline-fortnite-internal-main\X64\novoline.pdb
Digital Signature The PE file does not contain a certificate table.
Imports 9 libraries
KERNEL32, USER32, MSVCP140, VCRUNTIME140_1, VCRUNTIME140, api-ms-win-crt-stdio-l1-1-0, api-ms-win-crt-math-l1-1-0, api-ms-win-crt-runtime-l1-1-0, api-ms-win-crt-heap-l1-1-0
Exports 0 functions
Resources 1 Resources
Sections 6 Sections

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 68,446 bytes 68,608 bytes 6.22 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 92F9253B5D5BBF437F12621172F35456
.rdata 0x00012000 14,294 bytes 14,336 bytes 4.54 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 98660D9E8D3E01AA96AA63A728B788DC
.data 0x00016000 18,720 bytes 512 bytes 3.21 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 222E773C43702D788CDF48210E02A423
.pdata 0x0001b000 1,596 bytes 2,048 bytes 4.06 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 76818FFD1E6889BFC3B4952D5F460FA7
.rsrc 0x0001c000 248 bytes 512 bytes 2.52 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 8A48E252156D2953F01762BA42C44C88
.reloc 0x0001d000 100 bytes 512 bytes 1.26 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ D2D679951C0BFF9BF50BFE67BC83F28A

Resource Analysis

Total Resources: 1 (145 bytes)
Resource Type Count Total Size Percentage
RT_MANIFEST 1 145 bytes
100%

Certificate Chain Analysis

No Digital Signatures

This file is not digitally signed.

Security Implications:
  • Cannot verify the publisher's identity
  • Increased security risk when running this file
  • May trigger security warnings on some systems

⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources

Certificate Verification Status

The PE file does not contain a certificate table.

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
18 antivirus engines detected potential threats. This could be a false positive, especially for system tools or packed software. Verify the file source and check if it's digitally signed by a trusted publisher.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware