» bifitsigner
Overview
Analysis
File Details
Programs (1)

bifitsigner

Open Joint-Stock Company BIFIT

The file bifitsigner has been detected as malware by 1 anti-virus scanner. This file is typically installed with the program BIFIT Signer by BIFIT.

File name:

bifitsigner

Publisher:

Open Joint-Stock Company BIFIT (signed and verified)

MD5:

3dd7ed5d1b2c463f8efbf77abb75572d

SHA-1:

ad0d895edd654da7631288caec3bbb758eaef601

SHA-256:

d711a479a13bbe6fa97aa726a96d3f4010697592cdf70284a7bb4efd0e8e0363

Scanner detections:

1 / 68

Status:

Malware

Analysis date:

11/15/2024 1:28:48 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

Trojan.Downloader (M)

17.3.8.11

File size:

6.3 MB (6,611,632 bytes)

Common path:

C:\users\{user}\appdata\local\microsoft\windows\inetcache\ie\{random}\bifitsigner

Digital Signature

Signed by:

Open Joint-Stock Company BIFIT

Authority:

DigiCert Inc

Valid from:

6/1/2015 3:00:00 AM

Valid to:

6/6/2018 3:00:00 PM

Subject:

CN=Open Joint-Stock Company BIFIT, O=Open Joint-Stock Company BIFIT, L=Moscow, C=RU, PostalCode=105203, STREET="46, ul. Nizhnyaya Pervomayskaya", SERIALNUMBER=1077746075461, OID.1.3.6.1.4.1.311.60.2.1.3=RU, OID.2.5.4.15=Private Organization

Issuer:

CN=DigiCert EV Code Signing CA (SHA2), OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:

0D1C30FB9008667B2635713E39151CC2

File PE Metadata

Compilation timestamp:

2/28/2017 12:37:26 PM

OS version:

6.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

14.0

Entry address:

0x642CAE

Entry point:

EB, 08, 9A, C8, 61, 00, 00, 00, 00, 00, E9, 73, 03, F0, FF, 00, 00, 00, C7, 87, 11, 00, 8C, 88, 11, 00, 00, AF, 11, 00, 70, B6, 11, 00, 60, B7, 11, 00, 13, CA, 13, 00, 43, CA, 13, 00, B6, CA, 13, 00, 09, CB, 13, 00, 61, CB, 13, 00, A9, CB, 13, 00, D8, CB, 13, 00, 08, CC, 13, 00, 90, CC, 13, 00, E2, CC, 13, 00, 00, CD, 13, 00, 20, CD, 13, 00, 8A, CD, 13, 00, B0, CD, 13, 00, DF, CD, 13, 00, 10, CE, 13, 00, 48, CE, 13, 00, 76, CE, 13, 00, A6, CE, 13, 00, D6, CE, 13, 00, 11, CF, 13, 00, 45, CF, 13, 00, 8D, CF... 
[+]

Code size:

1.6 MB (1,631,744 bytes)

The file bifitsigner has been discovered within the following program.

BIFIT Signer by BIFIT

bifit.com

About 8% of users remove it

Remove bifitsigner - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.