dvm.dll

The library dvm.dll has been detected as malware by 18 anti-virus scanners. Additionally, the file is typically installed by a number of programs including PrisonBreak [Farsi] by ABM, Inc. and Prison Break by Takin. The file has been seen being downloaded from download1784.mediafire.com and multiple other hosts.
MD5:
828c31e67b565de8422fbed4cbfefd57

SHA-1:
fd7a09fb2e0cec8da644a38ab5ed82b01c668348

SHA-256:
443f3050f0bfe8b480ac910825163ce041e322129569544c891f13b4da58c0cb

Scanner detections:
18 / 68

Status:
Malware

Analysis date:
5/11/2024 9:59:36 AM UTC

Scan engine                    Detection                                   Engine version
Agnitum Outpost                HackTool.Crack                              7.1.1
Avira AntiVirus                TR/Obfuscated.XZ.667                        7.11.131.248
Bkav FE                        W32.Clod0e6.Trojan                          1.3.0.4924
Clam AntiVirus                 Win.Trojan.Agent-451723                     0.98/18355
Comodo Security                UnclassifiedMalware                         17797
ESET NOD32                     Win32/HackTool.Crack (variant)              8.9430
Fortinet FortiGate             W32/Dx.VGT!tr                               2/18/2014
IKARUS anti.virus              Trojan.Crypt                                t3scan.2.2.29
McAfee                         Generic.dx!828C31E67B56                     5600.7216
Microsoft Security Essentials  VirTool:Win32/Obfuscator.XZ                 1.165.247.01
NANO AntiVirus                 Trojan.Win32.Obfuscated.idcwt               0.28.0.57630
Norman                         Suspicious_Gen.OMLV                         11.20140218
Panda Antivirus                Trj/Thed.W                                  14.02.18.07
Rising Antivirus               PE:Trojan.Win32.Generic.1239A8D7!305768663  23.00.65.14216
Sophos                         Mal/Obfus-D                                 4.97
Trend Micro House Call         TROJ_SPNR.03CL11                            7.2.49
Trend Micro                    TROJ_SPNR.03CL11                            10.465.18
VIPRE Antivirus                Trojan.Win32.Generic                        26528

File size:
91.5 KB (93,656 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Program Files\deep silver\prison break\dvm.dll

File PE Metadata
Compilation timestamp:
4/7/2010 5:34:10 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
1536:7ghPi8W1AevpE4JMMgEWVDiviBrRgxLawvJis6+Hr+LWgIQeE7Zrw5Dl:7Si8sMMgE4HFgxLHosBr+LWb5kVw5p

Entry address:
0x1560

Entry point:
8B, 44, 24, 08, 50, 8B, 44, 24, 08, E8, 22, 01, 00, 00, 83, C4, 04, C2, 0C, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 44, 24, 04, 60, 9C, 54, E8, C4, 07, 00, 00, 9D, 61, 8D, 64, 24, 04, C3, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 83, EC, 08, 83, 78, 0C, 00, 53, 55, 56, 57, 0F, 84, C1, 00, 00, 00, 8D, 68, 08, 83, 7D, FC, FF, 0F, 84, C1, 00, 00, 00, 83, 7D, 00, FF, 0F, 84, B7, 00, 00, 00, 8B, 4C, 24, 1C, 8B, 45, 04, 8B, 75, 08, 03, C1, 50, 03, F1, FF, 15, 20, 20, 00, 10, 8B, D8, 33...
 

Entropy:
7.8003  (probably packed)

Code size:
50 KB (51,200 bytes)

The file dvm.dll has been discovered within the following programs.

Prison Break by Takin
www.Takinsilver.com
About 1% of users remove it

PrisonBreak [Farsi] by ABM, Inc.
This is a Farsi translated version of the game.
www.mgi.ir
About 3% of users remove it
 

The file dvm.dll has been seen being distributed by the following 3 URLs.

http://download1784.mediafire.com/c665rptr48yg/.../dvm.dll
