Suspicious
Suspect

jli.dll

PE Executable
|
MD5: 6c087d03c592aaecfff1a8d3d744d9aa
|
Size: 2.48 MB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
6c087d03c592aaecfff1a8d3d744d9aa
Sha1
2da1c4159ae834fe48931670e6c862d85ceecd3e
Sha256
d3ef22ff7480303a40babe5824573de313ba1f5e3e0d2279afcce55734f17a8f
Sha384
adcb4a13f6774e533d2fcd3a5c862bbdfc4e50c56159d5c5a65cc5a664f84252112f9e049ede705afd5bdd40b21245fb
Sha512
7cfb28751cd429dbb1327cbf5aaa5742dd0274e17eaf34abd4fec666cbab8f285acfaa3173ebfe641aaa0c11a3e5a00a4fa2f929adc9b4b82e7eca67cb78d42b
SSDeep
49152:nFoJHD5I9auP5+0q1vbh4g7Yj4OOyQ5MvfWcGgdMMh1Jf/JM81FxDRSyQx/O7e:KIUeHZXJf/JndRSyQ
TLSH
2AB5CE15E3A801B8D82BD734CA559333DAB0B8524730E58F069DD6162F77EA29B3F316

PeID

MASM/TASM - sig4 (h)
Microsoft Visual C++ v6.0 DLL
Microsoft v12.00 64bit C++ DLL - sign ASL ( 64 bit )
File Structure
jli.dll
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.managed
hydrated
.rdata
.data
.pdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
Artefacts
Name
 Value
PDB Path

C:\Windows\Microsoft.Va0fc1948#\EnterpriseMgmt\AxImp\System.Security.Principal\WMI\2.pdb
jli.dll (2.48 MB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙