ca2.dll

MD5:
9435d2a4a7ff2f404cb696bc32518433

SHA-1:
97d1c65aaf183e66690547d04507db26422e3187

SHA-256:
08557ae6262d01346560c2f62e8874a2b58a004ecd47653467ba4c2beddce3f4

Scanner detections:
10 / 68

Status:
Inconclusive (not enough data for an accurate detection)

Analysis date:
11/16/2024 12:44:46 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Gen:Variant.Kazy.717227 | 363 |
| Arcabit | Trojan.Kazy.DAF1AB | 1.0.0.590 |
| AVG | Win32/Blacked | 2017.0.2841 |
| Bitdefender | Gen:Variant.Kazy.717227 | 1.0.20.190 |
| Emsisoft Anti-Malware | Gen:Variant.Kazy.717227 | 8.16.02.07.08 |
| F-Secure | Gen:Variant.Kazy.717227 | 11.2016-07-02_1 |
| G Data | Gen:Variant.Kazy.717227 | 16.2.25 |
| MicroWorld eScan | Gen:Variant.Kazy.717227 | 17.0.0.114 |
| Panda Antivirus | Trj/Genetic.gen | 16.02.07.08 |
| Qihoo 360 Security | HEUR/QVM36.0.Malware.Gen | 1.0.0.1077 |

File size:
156 KB (159,744 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\inetcache\ie\{random}\ca2.dll

File PE Metadata
Compilation timestamp:
11/4/2015 12:43:28 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
3072:mBytaIyiWkpAULrk/XxsCXwO9CgXqcqiUR75URYsFiF5/TmnX:mBQJyiUUs/XxsCXV9azyiP

Entry address:
0x2BC50

Entry point:
9C, E8, 69, 2F, 01, 00, E8, B5, 2D, 00, 00, 50, F5, 69, D2, 0A, 00, 00, 00, 60, 01, C2, 9C, C7, 44, 24, 18, 59, 2F, DC, 14, 8D, 64, 24, 28, E9, 97, DD, 00, 00, BC, CF, A5, C6, 6C, 0D, 79, 36, FE, 4A, B7, 07, 6C, AC, 3C, B9, 4E, 9A, 58, 46, F4, CA, A8, 5E, 2B, 4B, 44, 3B, 47, 6F, D3, A7, 3B, E8, 2F, 9D, 0C, B7, 0D, CB, AB, D5, A3, 47, F8, 46, CE, 89, 5A, EF, 8F, 52, 34, 83, F5, 39, B6, 0E, 37, 6A, BB, DA, 7F, AB, DF, E4, 21, 72, 9B, EA, 09, 66, 92, CE, 65, B3, D2, 8C, 8B, 04, B4, 35, 1E, 4A, 47, 2C, F2, 4E...
Code size:
38 KB (38,912 bytes)

The file ca2.dll has been seen being distributed by the following URL.
