ca2.dll

MD5:
65487879bb1c5f300404b7f634399ee1

SHA-1:
c3ed32fba91577c6feceb86146b8c1f9a87d201e

SHA-256:
8fdaaafc8993173c28a27e2fa21ecf8a016e84a4b7cd61cb7a2b091c39b8122c

Scanner detections:
9 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/16/2024 12:18:58 AM UTC

Scan engine              Detection                  Engine version
Lavasoft Ad-Aware        Gen:Variant.Kazy.638297    363
Arcabit                  Trojan.Kazy.D9BD59         1.0.0.585
AVG                      Win32/Blacked              2017.0.2841
Bitdefender              Gen:Variant.Kazy.638297    1.0.20.190
Emsisoft Anti-Malware    Gen:Variant.Kazy.638297    8.16.02.07.08
F-Secure                 Gen:Variant.Kazy.638297    11.2016-07-02_1
G Data                   Gen:Variant.Kazy.638297    16.2.25
MicroWorld eScan         Gen:Variant.Kazy.638297    17.0.0.114
Panda Antivirus          Trj/Genetic.gen            16.02.07.08

File size:
146 KB (149,504 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\inetcache\ie\{random}\ca2.dll

File PE Metadata
Compilation timestamp:
11/1/2015 2:27:38 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
3072:3Zq/7H6+Nbm6SnIEvahCHXjIkscpwJ2ji9ySqkRRL+fk7:3Zq/7TNJUvS4jC1kji9ZtbLce

Entry address:
0x3D0F7

Entry point:
E8, 98, A8, FE, FF, 52, 7E, B5, 1E, F2, 5F, ED, A8, 96, 32, 55, 76, 67, 68, 69, 63, 77, 51, 36, 9B, D1, 03, BF, 0E, E4, E5, FE, 07, 8A, 48, E2, E8, 99, 2E, 52, 43, F7, CB, C6, 61, A5, BA, 4C, B8, 4E, C5, 15, B5, AE, C2, E1, D9, F1, 3F, 8F, 38, 93, D1, 94, 40, 67, 66, 8B, 79, 51, 8D, 68, 9E, F3, F4, 9D, A1, D7, 91, 7F, 54, 3A, 8A, 49, 1D, AD, 20, AB, 0A, BE, A7, 26, 9E, 2A, A9, 2B, 16, B6, FC, 09, 13, BF, F6, D7, ED, E2, C7, 02, CE, FD, 63, 91, BB, F9, D6, 1E, 62, 71, 41, 8F, BE, 0C, CD, 60, 31, C0, 8D, 64...
 

Code size:
38 KB (38,912 bytes)

The file ca2.dll has been seen being distributed by the following URL.
