amztivtwfwwo7c.x64.dll

tool example one

The module amztivtwfwwo7c.x64.dll has been detected as a potentially unwanted program by 20 anti-malware scanners. It is installed within the context of Internet Explorer as a BHO (Browser Helper Object) under the name ‘PuriiCeMinus’.
Publisher:
tool example one

Product:
tool example one

Description:
1

MD5:
81033080d4a8b78d5d8ca5e579a3a5f3

SHA-1:
67fd4eabf918ef79b133558d258520cbd6f9d680

SHA-256:
8e0f3efa7e8095aa4672741f235383218dedc33b43caff93bf9048e9a9244b28

Scanner detections:
20 / 68

Status:
Potentially unwanted

Analysis date:
4/16/2024 6:00:04 PM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Application.Generic.1371905 | 583
Avira AntiVirus | ADWARE/MultiPlug.Gen4 | 8.3.1.6
Arcabit | Application.Generic.D14EF01 | 1.0.0.425
avast! | Win64:Adware-gen [Adw] | 2014.9-150701
AVG | AdPlugin | 2016.0.3061
Baidu Antivirus | Adware.Win64.MultiPlug | 4.0.3.1571
Bitdefender | Application.Generic.1371905 | 1.0.20.910
ESET NOD32 | Win64/Adware.MultiPlug (variant) | 9.11853
Fortinet FortiGate | Adware/MultiPlug | 7/1/2015
F-Secure | Application.Generic.1371905 | 11.2015-01-07_4
G Data | Application.Generic.1371905 | 15.7.25
K7 AntiVirus | Adware | 13.205.16383
Kaspersky | not-a-virus:AdWare.Win64.MultiPlug | 14.0.0.1800
Malwarebytes | PUP.Optional.MultiPlug.A | v2015.07.01.11
McAfee | Multiplug-FWX | 5600.6717
MicroWorld eScan | Application.Generic.1371905 | 16.0.0.546
Panda Antivirus | Trj/CI.A | 15.07.01.11
Reason Heuristics | Threat.Win.Reputation.IMP | 15.7.1.23
Trend Micro | TROJ_GEN.R047C0PFR15 | 10.465.01
VIPRE Antivirus | Trojan.Win32.Generic | 41496

File size:
865 KB (885,760 bytes)

Copyright:
Copyright (C) 2015

Original file name:
2015061615042948

File type:
Dynamic link library (Win64 DLL)

Language:
English (United States)

Common path:
C:\Program Files\puriiceminus\amztivtwfwwo7c.x64.dll

Registration
CLSID:
{F928912A-3E8D-4077-94E2-A63267A5B4AB}

ProgID:
PF928912A_3E8D_4077_94E2_A63267A5B4AB_.9

COM registered:
Yes

File PE Metadata
Compilation timestamp:
6/17/2015 1:06:55 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
12288:PvcNUqJjdWdv8h623pdfPDRcOxpK2eKA/ifx2PqVQGR1nGzC+yuT:mhzz0ifx2PfGRWCNuT

Entry address:
0x4F6D4

Entry point:
48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 49, 8B, F8, 8B, DA, 48, 8B, F1, 83, FA, 01, 75, 05, E8, 9F, 6E, 00, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, E9, 03, 00, 00, 00, CC, CC, CC, 48, 8B, C4, 48, 89, 58, 20, 4C, 89, 40, 18, 89, 50, 10, 48, 89, 48, 08, 56, 57, 41, 56, 48, 83, EC, 50, 49, 8B, F0, 8B, DA, 4C, 8B, F1, BA, 01, 00, 00, 00, 89, 50, B8, 85, DB, 75, 0F, 39, 1D, 10, 41, 08, 00, 75, 07, 33, C0, E9, D2, 00, 00, 00, 8D, 43, FF...
 

Entropy:
4.5001

Code size:
416 KB (425,984 bytes)

Internet Explorer BHO
Display name:
PuriiCeMinus

CLSID:
{F928912A-3E8D-4077-94E2-A63267A5B4AB}

