dc736_4shared_com

Bullified Corporation

The file dc736_4shared_com has been detected as malware by 20 anti-virus scanners.
Publisher:
Bullified Corporation  (signed and verified)

MD5:
d63b9de3a3ec39d8a122b490f91f53e6

SHA-1:
ca28a04c9cd273ccd9930f3ed3f4eb275f659fdc

SHA-256:
804b8251d9e0693241826b28ae9f9458ca8d0f71d1b7e2f58702fa61df717480

Scanner detections:
20 / 68

Status:
Malware

Analysis date:
11/27/2024 8:48:30 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Razy.37284 | 272 |
| AhnLab V3 Security | Trojan/Win32.Agent | 2016.04.12 |
| Avira AntiVirus | TR/Dropper.MSIL.wfhr | 8.3.3.4 |
| Arcabit | Trojan.Razy.D91A4 | 1.0.0.669 |
| avast! | Win32:Malware-gen | 2014.9-160508 |
| AVG | Generic | 2017.0.2750 |
| Baidu Antivirus | Win32.Trojan.WisdomEyes.151026.9950 | 4.0.3.1658 |
| Bitdefender | Gen:Variant.Razy.37284 | 1.0.20.645 |
| Emsisoft Anti-Malware | Gen:Variant.Razy.37284 | 8.16.05.08.06 |
| ESET NOD32 | MSIL/Kryptik.FRN (variant) | 10.13318 |
| F-Secure | Gen:Variant.Razy.37284 | 11.2016-08-05_1 |
| G Data | Gen:Variant.Razy.37284 | 16.5.25 |
| K7 AntiVirus | Riskware | 13.221.19274 |
| Kaspersky | Trojan.Win32.Inject | 14.0.0.244 |
| McAfee | Artemis!D63B9DE3A3EC | 5600.6406 |
| MicroWorld eScan | Gen:Variant.Razy.37284 | 17.0.0.387 |
| Panda Antivirus | Trj/GdSda.A | 16.05.08.06 |
| Qihoo 360 Security | HEUR/QVM03.0.0000.Malware.Gen | 1.0.0.1120 |
| Trend Micro | TROJ_GEN.R00JC0ED916 | 10.465.08 |
| VIPRE Antivirus | Trojan.Win32.Generic.pak!cobra | 48556 |

File size:
197 KB (201,776 bytes)

Common path:
C:\users\{user}\appdata\roaming\idm\dwnldata\dell\dc736_4shared_com_1565\dc736_4shared_com

Digital Signature
Authority:
Bullified Corporation

Valid from:
3/30/2016 8:43:18 AM

Valid to:
3/31/2026 8:43:18 AM

Subject:
E=adl@bullified.com, CN=Bullified Ltd., OU=MIIO Dept., O=Bullified Corporation, L=Sydney, S=New South Wales, C=AU

Issuer:
E=adl@bullified.com, CN=Bullified Ltd., OU=MIIO Dept., O=Bullified Corporation, L=Sydney, S=New South Wales, C=AU

Serial number:
00D49F2215296B86E7

File PE Metadata
Compilation timestamp:
4/5/2016 1:38:12 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:Sr7TNW7S/D0dNEA77gzazcJRg/BwA+jMcRUerEv5VNfjjjjjjjjjjzkoQCCCKL:S7N4EAvpYHWBf5iEBVNLkfL

Entry address:
0x20E3E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Entropy:
6.9644

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
124 KB (126,976 bytes)
