home

bfllr.DLL

Killer PCI-E

Bigfoot Networks, Inc.

It is installed as a Winsock Layered Service Provider (LSP) named “BfLLR over [MSAFD Tcpip [TCP/IP]]” as a layered chain entry.
Publisher:
Bigfoot Networks, Inc.  (signed and verified)

Product:
(TM) Killer PCI-E

Description:
BFLLR Dynamic Library

Version:
6.0.0.19

MD5:
c663a1d9839d8fc00ebb077fdf3eda63

SHA-1:
567b945dde8578ea1e3939c48edd49389feb2a69

SHA-256:
af7024de1584f754dcf34f820df3143e440de5f4e2a77465516a8d00d1317d9f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 6:05:09 AM UTC  (today)

File size:
187.6 KB (192,104 bytes)

Product version:
6.0.0.19

Copyright:
Copyright (C) 2006-2010 Bigfoot Networks, Inc.

Original file name:
bfllr.DLL

File type:
Dynamic link library (Win64 DLL)

Language:
English (United States)

Common path:
C:\Windows\System32\bfllr.dll

Digital Signature
Signed by:
Bigfoot Networks, Inc.

Authority:
VeriSign, Inc.

Valid from:
3/25/2010 5:00:00 PM

Valid to:
3/26/2012 4:59:59 PM

Subject:
CN="Bigfoot Networks, Inc.", OU=Creative Labs, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Bigfoot Networks, Inc.", L=Austin, S=Texas, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
372F633F64D62ECB541B7D0CDB27BFF6

File PE Metadata
Compilation timestamp:
1/13/2011 11:49:52 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
3072:8d6mAJDexzASgX83a8auOIZ5XUaQzN0hnfCiKx575L6BFQqplp64hh791rJUIG+o:6pjK87p5XUPQnqN575L6Br647XKx

Entry address:
0xF150

Entry point:
48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 49, 8B, F8, 8B, DA, 48, 8B, F1, 83, FA, 01, 75, 05, E8, 87, 21, 00, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, E9, AB, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, 66, 66, 0F, 1F, 84, 00, 00, 00, 00, 00, 4C, 8B, D9, 48, 2B, D1, 0F, 82, 9E, 01, 00, 00, 49, 83, F8, 08, 72, 61, F6, C1, 07, 74, 36, F6, C1, 01, 74, 0B, 8A, 04, 0A, 49, FF, C8, 88, 01, 48, FF, C1, F6, C1, 02, 74, 0F, 66, 8B, 04, 0A...
 
[+]

Entropy:
6.3336

Code size:
90 KB (92,160 bytes)

Winsock2 LSP
Name:
BfLLR over [MSAFD Tcpip [TCP/IP]]

Type:
Layered Chain Entry

Provider ID:
{BEBF3ADC-A206-4199-9F2D-CCAFF17D7C69}

Service flags:
0x66


Scan bfllr.DLL - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.