dffsetup-oda_dll.exe

Dll-Files.com Fixer

Tilf AB

The application dffsetup-oda_dll.exe by Tilf AB has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup program which is used to install the application. This file is typically installed with the program Docfa4 by Sogei S.p.A. The file has been seen being downloaded from dc473.4shared.com and multiple other hosts.
Publisher:
Dll-Files.com   (signed by Tilf AB)

Product:
Dll-Files.com Fixer

Version:
Dll-Files.com Fixer

MD5:
5b5fbfb8a6341c7270176545c58dae18

SHA-1:
7e2d6ece2e74bf74bde2d7d0d66ea9fa0efb65c5

SHA-256:
3cb4fc46ad80da260f13cc893bc39c52db53d1fb3d74383e7d3ed250622cf933

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/24/2024 11:39:26 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.DllFixer.TilfAB.Installer.Meta (M)
16.6.9.15

File size:
3.6 MB (3,799,904 bytes)

Product version:
1.0

Copyright:
© Dll-Files.com

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Windows\System32\dffsetup-oda_dll.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
2/27/2012 7:00:00 AM

Valid to:
2/27/2015 6:59:59 AM

Subject:
CN=Tilf AB, O=Tilf AB, STREET=Norra Vallgatan 20, L=Malmö, S=skane, PostalCode=21125, C=SE

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00BB32FDE7CE2BDCDDEEC9106679A55AB6

File PE Metadata
Compilation timestamp:
10/31/2010 3:54:54 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:3oBUK6gAj5LdR+WDsMHaGpQSyhwE79yJHn9XndK9ia6gPoc/40v:YUCAj5J6IaGS7hwEyn/aHwcp

Entry address:
0x16478

Entry point:
55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, B0, 52, 41, 00, E8, AC, 03, FF, FF, 33, C0, 55, 68, 45, 6B, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 01, 6B, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, AB, 41, 00, E8, 4E, EC, FF, FF, E8, F5, E7, FF, FF, 8D, 55, EC, 33, C0, E8, 7F, 84, FF, FF, 8B, 55, EC, B8, AC, D6, 41, 00, E8, E2, E9, FE, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, AC, D6, 41, 00, B2, 01...
 
[+]

Entropy:
7.7836

Developed / compiled with:
Microsoft Visual C++

Code size:
84 KB (86,016 bytes)

The file dffsetup-oda_dll.exe has been discovered within the following program.

Docfa4  by Sogei S.p.A
About 5% of users remove it
 
Powered by Should I Remove It?

The file dffsetup-oda_dll.exe has been seen being distributed by the following 38 URLs.

http://dc473.4shared.com/download/.../dffsetup.exe

http://www.dll-files.com/dffsetup-xapofx1_5.exe

http://www.dll-files.com/dffsetup-berkelium.exe

http://www.dll-files.com/dffsetup-d3dcompiler_42.exe

http://pt.dll-files.com/dffsetup-asl.exe

http://www.dll-files.com/dffsetup-msvbvm50.exe

Latest 30 of 38 download URLs

Remove dffsetup-oda_dll.exe - Powered by Reason Core Security