home

buddha.dll

The module buddha.dll has been detected as a potentially unwanted program by 18 anti-malware scanners. This file is typically installed with the program Call of Duty(R) Black Ops II by Niloofarabi. The file has been seen being downloaded from download1329.mediafire.com and multiple other hosts.
MD5:
90ed4a98cab5d0405f735d8f0f7c6faa

SHA-1:
4fdd27b8e0dd0c6051bc58b6b8011401e5bc0527

SHA-256:
35b523b561552c974db602e4ddcf7f98b4a25648d23d937122412d0985e236ea

Scanner detections:
18 / 68

Status:
Potentially unwanted

Analysis date:
4/25/2024 6:15:57 PM UTC  (today)

Scan engine
Detection
Engine version

AVG
PSW.OnlineGames4
2015.0.3570

Baidu Antivirus
Trojan.Win32.Genome
4.0.3.1427

Bkav FE
W32.Clod526.Trojan
1.3.0.4923

Comodo Security
UnclassifiedMalware
17724

Fortinet FortiGate
W32/SPNR.03L812!tr
2/7/2014

F-Prot
W32/Backdoor2.HNBE
v6.4.7.1.166

IKARUS anti.virus
not-a-virus.Crack.Games
t3scan.2.2.29

K7 AntiVirus
Backdoor
13.175.11046

Malwarebytes
Malware.Gen.SKR
v2014.02.07.11

McAfee
RDN/Generic.dx!c2z
5600.7226

Norman
Troj_Generic.FRAEK
11.20140207

Rising Antivirus
PE:Trojan.Win32.Generic.1388D140!327733568
23.00.65.14205

Sophos
Mal/VMProtBad-A
4.97

Trend Micro House Call
TROJ_SPNR.03L812
7.2.38

Trend Micro
TROJ_SPNR.03L812
10.465.07

Vba32 AntiVirus
Trojan.Genome.akzfw
3.12.24.3

VIPRE Antivirus
Trojan.Win32.Generic
26102

ViRobot
Trojan.Win32.A.Genome.62464.BE
2011.4.7.4223

File size:
61 KB (62,464 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\windows\buddha.dll

File PE Metadata
Compilation timestamp:
11/12/2012 12:49:09 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.12

CTPH (ssdeep):
1536:h10PGLbotD80T55W6E9SANSHaFka/WQUZztexs/cSWM:HEGm/55+9vM6EQYIxs

Entry address:
0x138F9

Entry point:
60, C7, 44, 24, 1C, 77, 6F, 6E, FF, 88, 74, 24, 04, 60, C7, 44, 24, 38, 01, B8, BF, 16, FF, 34, 24, 8D, 64, 24, 3C, E9, 5F, 66, 00, 00, E9, C9, F0, FF, FF, 09, 00, 3C, F0, B4, 88, 7C, 1E, 8D, D7, FA, DF, D2, CB, F1, 33, 53, 52, 4A, 33, E5, 37, 8D, 25, 36, 2D, A4, 76, AC, 6E, 94, E6, 44, 48, 41, 1B, 6F, 45, 59, D5, 22, 48, 59, C2, 93, 22, 5F, 2E, DD, B7, 3B, D8, 53, BB, D0, 0F, AE, 64, 02, E4, 90, BA, 2C, 98, EB, 01, C2, 68, BF, 5D, 5C, F8, 8D, 64, 24, 2C, E9, 06, 2C, 00, 00, 9C, 9C, 60, 2C, 12, 80, FF, 35...
 
[+]

Code size:
3 KB (3,072 bytes)

The file buddha.dll has been discovered within the following program.

Call of Duty(R) Black Ops II  by Niloofarabi
www.Niloofarabi.com
About 9% of users remove it
 
Powered by Should I Remove It?

The file buddha.dll has been seen being distributed by the following 6 URLs.

http://download1329.mediafire.com/xsv9t2zvowbg/.../buddha.dll

http://dc581.2shared.com/download/.../buddha.dll?tsid=20141013-172307-36a45cd4

http://dc581.2shared.com/download/.../buddha.dll?tsid=20140802-201307-bb85e44a

http://dc581.2shared.com/download/.../buddha.dll?tsid=20140517-184556-9c5b3b41

http://dc581.2shared.com/download/.../buddha.dll?tsid=20140405-074735-99dac506

http://dc581.2shared.com/download/.../buddha.dll?tsid=20130503-000915-da6d469c

Remove buddha.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.