» bypass.dll
Overview
Analysis
File Details

bypass.dll

The library bypass.dll has been detected as malware by 27 anti-virus scanners.

File name:

bypass.dll

MD5:

80e5c5cf01f4bdd8227e6f6e800a52bf

SHA-1:

7b66b9377c2ce34b44915d1e5ffe99a14d16607f

SHA-256:

c8cada26e66e2bb64a57dabfe105fab7f3f5b85fe65cb396062378b80b780aef

Scanner detections:

27 / 68

Status:

Malware

Analysis date:

4/26/2024 2:51:25 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.Generic.11655940

836

AegisLab AV Signature

Troj.Generic

2.1.4+

Agnitum Outpost

Trojan.VMProtect

7.1.1

Avira AntiVirus

TR/Black.Gen2

7.11.179.140

avast!

Win32:Malware-gen

2014.9-141022

AVG

Win32/Blacked

2015.0.3314

Baidu Antivirus

Trojan.Win32.VMProtect

4.0.3.141022

Bitdefender

Trojan.Generic.11655940

1.0.20.1475

Bkav FE

W32.HfsAutoA

1.3.0.4959

Comodo Security

UnclassifiedMalware

19849

Emsisoft Anti-Malware

Trojan.Generic.11655940

8.14.10.22.05

ESET NOD32

Win32/Packed.VMProtect.ABD (variant)

8.10586

Fortinet FortiGate

W32/VMProtBad.A!tr

10/22/2014

F-Secure

Trojan.Generic.11655940

11.2014-22-10_4

G Data

Trojan.Generic.11655940

14.10.24

IKARUS anti.virus

Trojan.Win32.VMProtect

t3scan.1.7.8.0

K7 AntiVirus

Trojan

13.184.13727

McAfee

Artemis!80E5C5CF01F4

5600.6970

MicroWorld eScan

Trojan.Generic.11655940

15.0.0.885

NANO AntiVirus

Trojan.Win32.Black.dezjvf

0.28.2.62671

Norman

Troj_Generic.VTFJN

11.20141022

nProtect

Trojan.Generic.11655940

14.10.19.01

Rising Antivirus

PE:Trojan.Win32.Generic.174853BA!390615994

23.00.65.141020

Sophos

Mal/VMProtBad-A

4.98

Trend Micro House Call

TROJ_GEN.R047C0EII14

7.2.295

Trend Micro

TROJ_GEN.R047C0EII14

10.465.22

VIPRE Antivirus

Trojan.Win32.Generic

34066

File size:

283 KB (289,792 bytes)

File type:

Dynamic link library (Win32 DLL)

Common path:

C:\ProgramData\s4l\bypass.dll

File PE Metadata

Compilation timestamp:

9/9/2014 10:22:18 PM

OS version:

6.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

6144:1gAQSW2sh8j+Wip78pIrRJoLa0sEBorBIrXLsnPWyj9y8xD65VK+:1gAJXj+RpogJcnBou8nOyj9nxDE

Entry address:

0x86741

Entry point:

9C, E9, D9, C5, FE, FF, 9C, 88, 24, 24, 50, 8D, 64, 24, 3C, 0F, 85, 9A, 1F, FE, FF, 55, 9C, E8, 19, F2, FF, FF, 00, 00, 4D, 65, 73, 73, 61, 67, 65, 42, 6F, 78, 41, 00, 8D, 64, 24, 04, 0F, 87, 9A, 3A, FE, FF, 10, DC, E8, 8D, 1F, FE, FF, 99, 32, CD, A0, 33, 72, BD, C7, AB, 4E, FD, 7A, 95, 76, 0F, A2, 55, A9, 34, 80, 47, 26, DD, 09, C8, 24, CF, AE, 5D, B1, 34, 0B, E2, 3A, E1, 05, CC, 38, C7, CB, 16, 55, 92, 31, 3B, E4, 1B, 53, A4, 18, 09, 70, 81, 60, D6, 45, 8E, A4, 01, 7B, 67, 72, E8, D8, 35, 8F, 32, 15, CC... 
[+]

Code size:

104 KB (106,496 bytes)

Remove bypass.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.