» gfrm_lollipopes.bpl
Overview
Analysis
File Details

gfrm_lollipopes.bpl

The file gfrm_lollipopes.bpl has been detected as a potentially unwanted program by 18 anti-malware scanners. According to AVG, this software downloads additional adware offers during setup.

File name:

gfrm_lollipopes.bpl

Version:

1.0.0.50

MD5:

f3c899045e5b544b03e70f0b66c67e55

SHA-1:

a4216b725d6b8628d72fb0d16cb03e218fc49634

SHA-256:

a2bf30d5c82b1c1c825858a11c0c42e1b4e75994d156e56ff26d75d89bdc0e92

Scanner detections:

18 / 68

Status:

Potentially unwanted

Analysis date:

4/25/2024 11:02:17 PM UTC (a few moments ago)

Scan engine

Detection

Engine version

Agnitum Outpost

Adware.Lollipop

7.1.1

AhnLab V3 Security

Spyware/Win32.Lollipos

2013.08.20

Avira AntiVirus

TR/Dldr.Lollipos.A.17

7.11.97.102

avast!

Win32:Lollipop-B [Adw]

2014.9-150527

AVG

Downloader.Generic13

2016.0.3096

Comodo Security

UnclassifiedMalware

16795

ESET NOD32

Win32/Adware.Lollipop

9.8707

Fortinet FortiGate

Adware/Fam.NB

5/27/2015

IKARUS anti.virus

Win32.SuspectCrc

t3scan.2.0.127

Kaspersky

not-a-virus:AdWare.Win32.Lollipop

14.0.0.1975

McAfee

Generic.pk

5600.6752

Microsoft Security Essentials

SoftwareBundler:Win32/Lollipos

1.163.1557.0

Quick Heal

TrojanDownloader.Lollipos.asd.cw8

5.15.12.00

Sophos

Generic PUA KE

4.91

Total Defense

Win32/Tnega.ASKH

37.0.10498

Trend Micro House Call

ADW_LOLLIPOP

7.2.147

Trend Micro

ADW_LOLLIPOP

10.465.27

VIPRE Antivirus

Trojan.Win32.Generic

20696

File size:

31 KB (31,744 bytes)

Product version:

1.0.0.0

Language:

Russian (Russia)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\bpl\gfrm_lollipopes.bpl

File PE Metadata

Compilation timestamp:

5/7/2013 11:03:58 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

384:b61HkB97BCiM/dW5nl5nYJPBIBzpjVK05HVo/DjX94Bn1KBNK2BYCk4:+lkJxcPJPBIBVw0Zyv9w864

Entry address:

0x2230

Entry point:

E9, 73, EF, FF, FF, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Packer / compiler:

tElock 0.99 - 1.0 private

Code size:

5 KB (5,120 bytes)

Remove gfrm_lollipopes.bpl - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.