AtiPlay32.dll

AtiPlay32

The library AtiPlay32.dll has been detected as malware by 11 anti-virus scanners.
Product:
AtiPlay32

Version:
28,14,4032,0

MD5:
e7dc090e0be79e547b6a6b56e6237515

SHA-1:
c029083156cd3de6fa74d71ec8bf5887e2ea843a

SHA-256:
7655fc053c03e439fa8afc2d2625f796b0856b85de3f16b5d1d0f6a7736fdf61

Scanner detections:
11 / 68

Status:
Malware

Analysis date:
4/24/2024 9:08:41 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Kazy.391231 | 799 |
| Avira AntiVirus | TR/ATRAPS.Gen | 7.11.30.172 |
| AVG | Win32/Cryptor | 2014.0.4189 |
| Bitdefender | Gen:Variant.Kazy.391231 | 1.0.20.1660 |
| Emsisoft Anti-Malware | Gen:Variant.Kazy.391231 | 9.0.0.4570 |
| F-Secure | Gen:Variant.Kazy.391231 | 11.2014-28-11_6 |
| G Data | Gen:Variant.Kazy.391231 | 14.11.24 |
| IKARUS anti.virus | Trojan.Win32.Sefnit | t3scan.1.8.3.0 |
| Microsoft Security Essentials | Threat.Undefined | 1.189.840.0 |
| MicroWorld eScan | Gen:Variant.Kazy.391231 | 15.0.0.996 |
| Panda Antivirus | Trj/Genetic.gen | 14.11.28.01 |

File size:
34.5 KB (35,328 bytes)

Product version:
28,14,4032,0

Copyright:
Copyright (C) 2014

Original file name:
AtiPlay32.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\extion\atiplay32.dll

File PE Metadata
Compilation timestamp:
11/20/2014 4:23:29 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
10.0

CTPH (ssdeep):
768:bBsW2xlTRbYSGjRx0paZO70ZkUlshhXFuIQkx1:bWWSbYQaZNZpszFqs

Entry address:
0x101E

Entry point:
33, C0, 40, C2, 0C, 00, 55, 8B, EC, 83, EC, 20, 83, 7D, 10, 00, 8B, 50, 18, 8B, 48, 08, 89, 55, E8, 8B, 50, 24, 8B, 00, 53, 89, 45, E0, A1, 34, 90, 00, 10, 56, 57, 89, 55, E4, 89, 45, F8, 0F, 8E, B1, 01, 00, 00, 8B, 5D, 10, 8B, 75, 10, 8B, 7D, 10, EB, 03, 8B, 4D, F0, 8B, 55, E8, 8B, 45, F8, 0F, AF, D1, 03, 55, E4, 8B, 4D, F8, 03, C0, 81, F9, 68, 01, 00, 00, 89, 55, F0, 7D, 0E, 6B, C9, 03, BA, AA, E5, FF, FF, 2B, D1, 03, C2, EB, 56, 85, C9, 8D, 1C, 00, 8D, 34, 0B, 7F, 10, 52, E8, C5, 2F, 00, 00, 8D, 04, 5E...
 

Entropy:
6.8323

Code size:
11.5 KB (11,776 bytes)
