ca2.dll

The library ca2.dll has been detected as malware by 13 anti-virus scanners. The file has been observed being downloaded from engenhariatm.com.
MD5:
d363c346bc628b9e4c4497eaf3aaf5e7

SHA-1:
1fa0612bb2185781f677512a6f88b338643d2a81

SHA-256:
80346d402bc9740c328abc2293558a710587a34ae00080b89fb39341f3ca2243

Scanner detections:
13 / 68

Status:
Malware

Analysis date:
11/16/2024 12:57:42 AM UTC

Scan engine              Detection                    Engine version
Lavasoft Ad-Aware        Gen:Variant.Kazy.768565      363
Avira AntiVirus          TR/Kazy.152576.8             8.3.2.4
Arcabit                  Trojan.Kazy.DBBA35           1.0.0.624
avast!                   Win32:Malware-gen            2014.9-160207
AVG                      Win32/Blacked                2017.0.2841
Bitdefender              Gen:Variant.Kazy.768565      1.0.20.190
Bkav FE                  HW32.Packed                  1.3.0.7383
Emsisoft Anti-Malware    Gen:Variant.Kazy.768565      8.16.02.07.08
F-Secure                 Gen:Variant.Kazy.768565      11.2016-07-02_1
G Data                   Gen:Variant.Kazy.768565      16.2.25
MicroWorld eScan         Gen:Variant.Kazy.768565      17.0.0.114
Panda Antivirus          Trj/Genetic.gen              16.02.07.08
Qihoo 360 Security       HEUR/QVM36.0.Malware.Gen     1.0.0.1077

File size:
149 KB (152,576 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\inetcache\ie\{random}\ca2.dll

File PE Metadata
Compilation timestamp:
11/5/2015 7:09:30 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
3072:KwMejcSAXcczhzlyabu14Zewgg4WbGzo5V3zoDHobI:KheoYqbu14MLWGoXzobk

Entry address:
0x30F3C


Code size:
38 KB (38,912 bytes)

The file ca2.dll has been observed being distributed from the following URL.

Remove ca2.dll - Powered by Reason Core Security