home

BilalStarter.exe

BilalStarter

Bilal Prayer Development Team

It runs as a scheduled task under the Windows Task Scheduler.
Publisher:
Bilal Ibin Rabah Soft  (signed by Bilal Prayer Development Team)

Product:
BilalStarter

Description:
Bila Prayer Starter

Version:
1.00.0065

MD5:
060ae388fb18ec9767580266627b706c

SHA-1:
0b9ab17edec23136a47743a77ea64738455c2f7a

SHA-256:
cd39ed7ee12e1e0a504c89dc00d9568fb04364fe790a8aff2830aad6c61309b7

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/27/2024 1:38:40 AM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:Evo-gen [Susp]
151004-0

Qihoo 360 Security
HEUR/QVM03.0.Malware.Gen
1.0.0.1077

File size:
59.9 KB (61,312 bytes)

Product version:
1.00.0065

Original file name:
BilalStarter.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\prayer\bilalstarter.exe

Digital Signature
Signed by:
Bilal Prayer Development Team

Authority:
Bilal Ibin Rabah Soft

Valid from:
1/2/2009 8:07:43 AM

Valid to:
1/2/2010 8:17:43 AM

Subject:
E=info@prayertimes.ps, CN=Bilal Prayer, OU=IT, O=Bilal Prayer Development Team, L=Ramallah, S=Palestine, C=PS

Issuer:
CN=Bilal Ibin Rabah Soft

Serial number:
2E6DB761000000000003

File PE Metadata
Compilation timestamp:
2/8/2009 10:10:37 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
768:ocs9mUC769qmZYQUF5465XEO+evVWESxR5OEMdSMrF546JL6:ocyHqr4IXEO+i+Mb42m

Entry address:
0x19B8

Entry point:
68, 94, 1B, 40, 00, E8, EE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 4F, 84, 62, 0A, A7, 6A, 9F, 4F, A0, 79, 69, B1, A4, 97, AB, FF, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 42, 69, 6C, 61, 6C, 53, 74, 61, 72, 74, 65, 72, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 06, 00, 44, 27, 40, 00, 00, 00, 00, 00, FF, FF, FF, FF, FF, FF, FF, FF, 00, 00, 00, 00, B8, 28, 40, 00, 80, C0, 40, 00, 00, 00, 00, 00, 78, 4B, 23, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
4.9976

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
44 KB (45,056 bytes)

Scheduled Task
Task name:
{21071C42-F128-443F-A4E0-F7005A578D21}

Trigger:
Registration (Runs on registration)


Scan BilalStarter.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.