bzshlext64.dll

BZShlExt

Bitberry Software

The module bzshlext64.dll, “BitZipper shell extension” by Bitberry Software has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Bitberry Software  (signed and verified)

Product:
BZShlExt

Description:
BitZipper shell extension

Version:
5.0.0.7

MD5:
477d97ee56eb24f3a29b84b7dd4184a9

SHA-1:
a11d032f23ce72a84bde7f40aa90495c2c5ff9fb

SHA-256:
65bc43e96eaa80bf480f76505d43b16d1de311f7aedf2f69fbbeba36435b175e

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/15/2024 12:38:14 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Bitberry (M)
16.12.17.17

File size:
157.6 KB (161,432 bytes)

Product version:
5.0.0.7

Copyright:
Copyright (C) 2000-2008 Bitberry Software

Original file name:
BZShlExt.dll

File type:
Dynamic link library (Win64 DLL)

Language:
English (United States)

Common path:
C:\Program Files\bitzipper\bzshlext64.dll

Digital Signature
Authority:
The USERTRUST Network

Valid from:
10/7/2007 8:00:00 PM

Valid to:
10/7/2010 7:59:59 PM

Subject:
CN=Bitberry Software, O=Bitberry Software, STREET=Skolegade 35, L=Holbaek, S=DK, PostalCode=4300, C=DK

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
0CC5065224E5CAA1F9961C524F8B229D

Registration
CLSIDs:
{9176020F-4A61-4F57-A133-258110EBC765}, {D5906221-A717-479b-9B49-CD848F9CE816}

COM registered:
Yes

File PE Metadata
Compilation timestamp:
10/11/2008 7:26:53 AM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
8.0

Entry address:
0xC700

Entry point:
48, 83, EC, 28, 83, FA, 01, 48, 89, 5C, 24, 38, 48, 89, 74, 24, 40, 48, 89, 7C, 24, 48, 8B, DA, 48, 8B, F1, 49, 8B, F8, 75, 05, E8, 3B, 66, 00, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 7C, 24, 48, 48, 8B, 74, 24, 40, 48, 8B, 5C, 24, 38, 48, 83, C4, 28, E9, 7B, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 89, 4C, 24, 08, 48, 83, EC, 38, 48, 89, 5C, 24, 50, 48, 8B, CA, 48, 89, 7C, 24, 28, 48, 8B, DA, E8, B3, 3D, 00, 00, 8B, 4B, 18, F6, C1, 82, 48, 63, F8, 75, 23, E8, 93, 11, 00, 00, C7, 00, 09...
 
[+]

Code size:
101.5 KB (103,936 bytes)

Approved Shell Extension
Name:
BitZipper64

CLSID:
{9176020F-4A61-4F57-A133-258110EBC765}


Remove bzshlext64.dll - Powered by Reason Core Security