home

npisecurity-bodl.dll

SA-iSecurity Plug-in for BODL

BANK OF DALIAN CO.,LTD

It is installed within the Mozilla Firefox web browser as an extension/plugin as ‘isecurity-bodl’.
Publisher:
大连银行  (signed by BANK OF DALIAN CO.,LTD)

Product:
SA-iSecurity Plug-in for BODL

Version:
2, 5, 4, 0

MD5:
8410013a2e406c616795d7f838ca3ec0

SHA-1:
624323571b417dec8b7c0153099ff8c6f6f6e1ef

SHA-256:
ca11736828ae9caa960287b5a14bfec07f89c54ec26e24396e6d9f5633461d01

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
5/5/2024 10:39:25 AM UTC  (today)

Scan engine
Detection
Engine version

F-Prot
W32/MalwareHiderPatched-based!M
4.6.5.141

File size:
590.4 KB (604,552 bytes)

Product version:
2, 5, 4, 0

Copyright:
Copyright (C) 2014 Bank of Dalian

Original file name:
npisecurity-bodl.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\bodl security suite\npisecurity-bodl.dll

Digital Signature
Signed by:
BANK OF DALIAN CO.,LTD

Authority:
VeriSign, Inc.

Valid from:
3/12/2013 8:00:00 AM

Valid to:
4/12/2015 7:59:59 AM

Subject:
CN="BANK OF DALIAN CO.,LTD", OU=Electronic Banking Dept, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="BANK OF DALIAN CO.,LTD", L=DALIAN, S=LIAONING, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
29F0128F1E2D6AD3587DC9CCBEEB4A52

File PE Metadata
Compilation timestamp:
12/16/2014 9:06:25 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
12288:SUhMwgR4wFHzPUCwYmF74pCAE7rpwZJJmyx8cYAZJy2Z:rawuZUFY47oRKrpwZJH85Xi

Entry address:
0xE3E12

Entry point:
60, 8D, 64, 24, 20, 0F, 8D, 0D, 55, FC, FF, 9C, 9C, C7, 44, 24, 04, C6, 30, A7, 78, 9C, E8, DD, B2, 04, 00, 01, E9, D2, C5, B9, 04, 01, 00, 00, 66, C7, 04, 24, C5, 2F, F8, FF, 34, 24, F8, 30, C0, E8, 61, 70, FC, FF, 85, AD, D3, AD, 93, 42, DD, 1F, 35, EA, 10, A0, B7, 84, 17, CB, 74, BE, 9A, 48, 16, 00, 04, F3, 76, E4, 40, D7, A8, 9E, A0, DB, 7E, 25, 8C, 4C, D2, 04, 0B, AE, 31, 24, CC, 64, 8B, 44, F8, 84, 8C, 0F, 38, 76, 3F, 4E, DA, CE, CC, 9F, 60, 70, 3D, CB, EC, FC, C5, 18, 0B, 1E, 22, BC, 93, 70, 68, 49...
 
[+]

Entropy:
7.8623  (probably packed)

Code size:
320 KB (327,680 bytes)

Mozilla Plugin
Name:
isecurity-bodl


Scan npisecurity-bodl.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.