kpzrbyg.dll

The module kpzrbyg.dll has been detected as a potentially unwanted program by 11 anti-malware scanners. The setup routine uses the RevenYou.Com Pay Per Install platform (OutBrowse), which bundles additional software offers including toolbars, extensions, PC utilities, and other PUPs.
MD5:
637e11f4be50af407061c99ad1c5b09f

SHA-1:
28de28b02861b766c8132abbfd473f1ff70f6646

SHA-256:
55f1b248662d9923061f86ef80765bb7b36d9ed21cdf78727f3289aa8e5c42ec

Scanner detections:
11 / 68

Status:
Potentially unwanted

Explanation:
Bundles additional adware offers during download and installation using the OutBrowse installer.

Analysis date:
5/5/2024 7:14:56 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Mikey.21031 | 549 |
| Avira AntiVirus | PUA/Outbrowse.Gen | 8.3.1.6 |
| Arcabit | Trojan.Mikey.D5227 | 1.0.0.425 |
| Bitdefender | Gen:Variant.Mikey.21031 | 1.0.20.1080 |
| Emsisoft Anti-Malware | Gen:Variant.Mikey.21031 | 8.15.08.04.01 |
| ESET NOD32 | Win32/OutBrowse.CI potentially unwanted (variant) | 9.12038 |
| F-Secure | Gen:Variant.Adware.Mikey | 11.2015-10-08_2 |
| G Data | Gen:Variant.Mikey.21031 | 15.8.25 |
| herdProtect (fuzzy) | | 2015.9.10.5 |
| MicroWorld eScan | Gen:Variant.Mikey.21031 | 16.0.0.648 |
| Reason Heuristics | Threat.Win.Reputation.IMP | 15.8.10.18 |

File size:
137 KB (140,288 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\kpzrbyg.dll

File PE Metadata
Compilation timestamp:
8/2/2015 8:10:01 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
10.0

CTPH (ssdeep):
3072:eUmmLe9vPa2AYS5dFPfb8JG4dmdqF3oFSSG:eUfLe9yyJbEU4SSG

Entry address:
0x9B4E

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 62, 61, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 51, 53, 56, 8B, 35, 28, B0, 01, 10, 57, FF, 35, AC, 35, 02, 10, FF, D6, FF, 35, A8, 35, 02, 10, 8B, D8, 89, 5D, FC, FF, D6, 8B, F0, 3B, F3, 0F, 82, 81, 00, 00, 00, 8B, FE, 2B, FB, 8D, 47, 04, 83, F8, 04, 72, 75, 53, E8, AA, 61, 00, 00, 8B, D8, 8D, 47, 04, 59, 3B, D8, 73, 48, B8, 00, 08, 00, 00, 3B, D8, 73, 02, 8B, C3, 03, C3, 3B, C3, 72, 0F, 50, FF...
Code size:
101 KB (103,424 bytes)
