» gfrm_lollipopfr.bpl
Overview
Analysis
File Details

gfrm_lollipopfr.bpl

The file gfrm_lollipopfr.bpl has been detected as a potentially unwanted program by 18 anti-malware scanners. According to AVG, this software downloads additional adware offers during setup.

File name:

gfrm_lollipopfr.bpl

Version:

1.0.0.50

MD5:

47b4e1b1f23486df0ae82ea13e1cbcbc

SHA-1:

3e71f9814c70715dbe11f00b43a055237ee0b4dd

SHA-256:

468d5743ef3a293e949c08484f047a029278077e2351f2f3a8ba8ddce74b5ccb

Scanner detections:

18 / 68

Status:

Potentially unwanted

Analysis date:

4/19/2024 8:24:14 AM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

Adware.Lollipop

7.1.1

AhnLab V3 Security

Spyware/Win32.Lollipos

2013.08.21

Avira AntiVirus

TR/Dldr.Lollipos.A.19

7.11.97.124

avast!

Win32:Lollipop-B [Adw]

2014.9-150527

AVG

Downloader.Generic13

2016.0.3096

Comodo Security

UnclassifiedMalware

16798

ESET NOD32

Win32/Adware.Lollipop

9.8709

Fortinet FortiGate

Adware/Fam.NB

5/27/2015

IKARUS anti.virus

Win32.SuspectCrc

t3scan.2.0.127

Kaspersky

not-a-virus:AdWare.Win32.Lollipop

14.0.0.1975

McAfee

Generic.pk

5600.6752

Microsoft Security Essentials

SoftwareBundler:Win32/Lollipos

1.163.1557.0

Quick Heal

TrojanDownloader.Lollipos.gen.cw8

5.15.12.00

Sophos

Generic PUA DO

4.91

Total Defense

Win32/Tnega.ASKK

37.0.10498

Trend Micro House Call

ADW_LOLLIPOP

7.2.147

Trend Micro

ADW_LOLLIPOP

10.465.27

VIPRE Antivirus

Trojan.Win32.Generic

20716

File size:

31 KB (31,744 bytes)

Product version:

1.0.0.0

Language:

Russian (Russia)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\bpl\gfrm_lollipopfr.bpl

File PE Metadata

Compilation timestamp:

5/7/2013 11:03:58 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

384:b61HkB97BwiM5dW5nl5nYJPBIBzpjVK05HVo/DjP94Bn1bSkXAvXc4:+lkJbaPJPBIBVw0ZyH9wh6c4

Entry address:

0x2230

Entry point:

E9, 73, EF, FF, FF, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Packer / compiler:

tElock 0.99 - 1.0 private

Code size:

5 KB (5,120 bytes)

Remove gfrm_lollipopfr.bpl - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.