home

npBIFITSigner.dll

BIFIT Signer

Open Joint-Stock Company BIFIT

The library npBIFITSigner.dll has been detected as malware by 1 anti-virus scanner. It is installed within the Mozilla Firefox web browser as an extension/plugin as ‘BIFIT Signer’.
Publisher:
BIFIT  (signed by Open Joint-Stock Company BIFIT)

Product:
BIFIT Signer

Description:
BIFIT Signer 3.2

Version:
3.2

MD5:
2d7364694a1eaa1e09c75855a4160ad5

SHA-1:
583aa9347dcfdb65b75beaeafb327b1a15778ea8

SHA-256:
80f160f5ce0c13034a8d9e1cebf6d7a33eafde226463b4c0252e9e533ae17908

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
11/15/2024 1:44:31 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Trojan.Downloader (M)
17.3.13.19

File size:
684.2 KB (700,592 bytes)

Product version:
3.2

Copyright:
Copyright (C) 2017 BIFIT

Original file name:
npBIFITSigner.dll

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Program Files\bifit\bifit signer\npbifitsigner.dll

Digital Signature
Signed by:
Open Joint-Stock Company BIFIT

Authority:
DigiCert Inc

Valid from:
6/1/2015 3:00:00 AM

Valid to:
6/6/2018 3:00:00 PM

Subject:
CN=Open Joint-Stock Company BIFIT, O=Open Joint-Stock Company BIFIT, L=Moscow, C=RU, PostalCode=105203, STREET="46, ul. Nizhnyaya Pervomayskaya", SERIALNUMBER=1077746075461, OID.1.3.6.1.4.1.311.60.2.1.3=RU, OID.2.5.4.15=Private Organization

Issuer:
CN=DigiCert EV Code Signing CA (SHA2), OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
0D1C30FB9008667B2635713E39151CC2

File PE Metadata
Compilation timestamp:
3/10/2017 4:02:07 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
14.0

Entry address:
0x35F1F

Entry point:
55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, F7, 08, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, BE, FE, FF, FF, 83, C4, 0C, 5D, C2, 0C, 00, 55, 8B, EC, 8B, 45, 08, 56, 8B, 48, 3C, 03, C8, 0F, B7, 41, 14, 8D, 51, 18, 03, D0, 0F, B7, 41, 06, 6B, F0, 28, 03, F2, 3B, D6, 74, 19, 8B, 4D, 0C, 3B, 4A, 0C, 72, 0A, 8B, 42, 08, 03, 42, 0C, 3B, C8, 72, 0C, 83, C2, 28, 3B, D6, 75, EA, 33, C0, 5E, 5D, C3, 8B, C2, EB, F9, E8, FA, 0C, 00, 00, 85, C0, 75, 03, 32, C0, C3, 64, A1, 18, 00, 00, 00, 56, BE, B8, 09, 0A, 10, 8B...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
517.5 KB (529,920 bytes)

Mozilla Plugin
Name:
BIFIT Signer


Remove npBIFITSigner.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.