zplugins.dll

Browser Distribution Services, Inc.

The module zplugins.dll, “20150626185834/67c839f” by Browser Distribution Services has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. It is also typically executed from the user's temporary directory.
Publisher:
Browser Distribution Services, Inc.  (signed and verified)

Description:
20150626185834/67c839f

Version:
0.0.0.0

MD5:
65fb8e374241e9975b8b8e56b5f75962

SHA-1:
7c77e763892422952be5aeef7a2d5aa196ddb864

SHA-256:
2580258cbb8b3ac9187e4c058d4299d43b8564cf7bc87c8eaac60acf48714b14

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
11/1/2024 1:25:52 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Zugo (M)

Engine version:
16.10.17.19

File size:
966.2 KB (989,344 bytes)

Product version:
0.0.0.0

Original file name:
zplugins.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United Kingdom)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\zplugins.dll

Digital Signature
Authority:
COMODO CA Limited

Valid from:
2/23/2015 1:00:00 AM

Valid to:
1/1/2016 12:59:59 AM

Subject:
CN="Browser Distribution Services, Inc.", O="Browser Distribution Services, Inc.", STREET="2711 Centerville Road, Suite 400", L=Wilmington, S=DE, PostalCode=19808, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00EA928714B8F5B2624A02F3B49A00E677

File PE Metadata
Compilation timestamp:
6/26/2015 8:58:35 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
12.0

CTPH (ssdeep):
12288:hTRrsIb97PP/sf96cK++rxAxOopMf+4dNG5gU/bF7tljLoyL6Rc0WU/dwSh/1Spa:hTRrjpzP09D9UQObO5jfKRc0WU7k4

Entry address:
0x9AAFD

Entry point:
08, A5, A5, 44, 94, 01, 6C, 42, 32, 81, 00, 21, 7C, 17, AB, 77, C6, 03, 0B, 80, 15, D2, 94, B0, AF, 06, 01, 94, 90, 00, 6C, 7F, CF, 99, 1E, A9, 83, 8B, 00, 4A, A3, D5, 75, 31, 76, 3D, 88, 08, 1C, AE, 4F, 34, 03, 6E, D6, 3C, 13, 00, 44, 14, 8E, A0, 2F, 91, 35, D1, 40, 50, 23, 8E, 20, 1A, 8A, 55, 66, 71, 00, 6F, B6, 87, 54, A3, 70, 38, AE, 00, CF, 6F, 0C, 3C, 6D, 6C, A7, 9B, 04, 8B, DD, 34, 03, 71, FF, 7D, A3, D9, 00, D5, BA, 65, E1, E1, 0E, 43, 8A, 20, B8, A9, 68, C3, 58, 35, 03, 73, EB, 00, C5, 0F, 91, A9...
 

Code size:
763.5 KB (781,824 bytes)
