» b4fm.dll
Overview
Analysis
File Details
Behaviors (1)

b4fm.dll

Sakysoft s.r.l.

The module b4fm.dll, “Burn4Free right context menu” by Sakysoft s.r.l has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.

File name:

b4fm.dll

Publisher:

Sakysoft s.r.l. (signed and verified)

Product:

b4fm.dll

Description:

Burn4Free right context menu

Version:

6.7.0.0

MD5:

a42dd63e81862c075af287c8ae2d7a3c

SHA-1:

4ae6bd5556636211eff4fb2d1001001a75bb5be5

SHA-256:

6693fa670575de7e9b27eb467e5a3a0db2f957956d999c100624ec4fac578ca7

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

4/19/2024 8:52:20 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Optional.Sakysoftsrl.E

14.11.20.3

File size:

550.9 KB (564,088 bytes)

Product version:

6.7.0.0

Sakysoft s.r.l. 2013-2014

Trademarks:

Sakysoft s.r.l. 2013-2014

Original file name:

b4fm.dll

File type:

Dynamic link library (Win32 DLL)

Common path:

C:\Program Files\burn4free\b4fm.dll

Digital Signature

Signed by:

Sakysoft s.r.l.

Authority:

COMODO CA Limited

Valid from:

2/22/2013 9:00:00 AM

Valid to:

2/23/2014 8:59:59 AM

Subject:

CN=Sakysoft s.r.l., O=Sakysoft s.r.l., STREET=Via Gorghi 6, L=Udine, S=UD, PostalCode=33100, C=IT

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

71866EA827886C967A3E4D23288DBA3A

File PE Metadata

Compilation timestamp:

6/20/1992 7:22:17 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

12288:2gesxtyLHHjHQHq9lniOgJzL7eS7nBYe7VlYA:2jsxsjwHNJ7HL7f7

Entry address:

0x72B10

Entry point:

55, 8B, EC, 83, C4, C4, B8, 58, 28, 47, 00, E8, 58, 3D, F9, FF, E8, 8F, 19, F9, FF, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

6.5866

Developed / compiled with:

Microsoft Visual C++

Code size:

455 KB (465,920 bytes)

Approved Shell Extension

Name:

ShellPlusContextMenu

CLSID:

{1C311AAA-D8B1-4A0A-BEE5-2387FEC583DA}

CLSID name:

Burn4Freecontext menu

Remove b4fm.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.