antivirdll.exe

Bullified Corporation

The executable antivirdll.exe has been detected as malware by 14 anti-virus scanners.

Publisher:
Bullified Corporation  (signed and verified)

Version:
0.0.0.0

MD5:
13c87f73aa0fd80404fa94c8f354ebd0

SHA-1:
f56cc8d54b7e0711e1e3ee3f030639447e1cc845

SHA-256:
7e67e7c9cb243d893d4851d1c9a3fb1988ac0c98ef85647cb432c99dae2c8da8

Scanner detections:
14 / 68

Status:
Malware

Analysis date:
11/27/2024 8:32:52 PM UTC  (today)

Scan engine            Detection                            Engine version
Lavasoft Ad-Aware      Gen:Variant.Barys.53360              157
Arcabit                Trojan.Barys.DD070                   1.0.0.669
AVG                    Generic                              2017.0.2635
Baidu Antivirus        Win32.Trojan.WisdomEyes.151026.9950  4.0.3.16831
Bitdefender            Gen:Variant.Barys.53360              1.0.20.1220
Emsisoft Anti-Malware  Gen:Variant.Barys.53360              8.16.08.31.05
ESET NOD32             MSIL/Injector.ORS (variant)          10.13333
Fortinet FortiGate     MSIL/Injector.ORS!tr                 8/31/2016
F-Secure               Gen:Variant.Barys.53360              11.2016-31-08_4
G Data                 Gen:Variant.Barys.53360              16.8.25
Kaspersky              UDS:DangerousObject.Multi.Generic    14.0.0.-331
MicroWorld eScan       Gen:Variant.Barys.53360              17.0.0.732
NANO AntiVirus         Trojan.Win32.ORS.eboexx              1.0.30.7834
Rising Antivirus       PE:Malware.RDM.32!5.26 [F]           23.00.65.16829

File size:
69.2 KB (70,880 bytes)

Product version:
0.0.0.0

Original file name:
KmjL4MhnvcwbvXepRxSzfpAL695TbumXV7uUBJkP0h1XDnGZlCxj1vVH.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\windows\syswow64\antivirdll.exe

Digital Signature

Authority:
Bullified Corporation

Valid from:
3/29/2016 10:43:18 PM

Valid to:
3/30/2026 10:43:18 PM

Subject:
E=adl@bullified.com, CN=Bullified Ltd., OU=MIIO Dept., O=Bullified Corporation, L=Sydney, S=New South Wales, C=AU

Issuer:
E=adl@bullified.com, CN=Bullified Ltd., OU=MIIO Dept., O=Bullified Corporation, L=Sydney, S=New South Wales, C=AU

Serial number:
00D49F2215296B86E7

File PE Metadata

Compilation timestamp:
3/31/2016 4:30:14 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
1536:ANPky2BLcXNRb0CqGVuIe/yTyrRIsO8JhikT9Ilzo:ANMXtqVWRIsO8JhikT+z

Entry address:
0x1259E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 10, 00, 00, 00, 18, 00, 00, 80, 00, 00, 00, 00, 00, 00...
Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
65.5 KB (67,072 bytes)