rebuilt.difxapi.dll

The library rebuilt.difxapi.dll has been detected as malware by 1 anti-virus scanner. The file has been seen being downloaded from www.funnyday116-dm.biz and multiple other hosts.
MD5: 76cdb2bad9582d23c1f6f4d868218d6c
SHA-1: b04f3ee8f5e43fa3b162981b50bb72fe1acabb33
SHA-256: 8739c76e681f900923b900c9df0ef75cf421d39cabb54650c4b9ad19b6a76d85
Scanner detections: 1 / 68
Status: Malware
Analysis date: 11/18/2018 4:11:11 PM UTC

Scan engine: Reason Heuristics
Detection: (M)
Engine version: 16.6.5.12

File size: 22 Bytes
File type: Dynamic link library (Win64 DLL)
Common path: C:\users\{user}\appdata\roaming\easeware\drivereasy\drivers\lvypb45w.0t5\infinst_autol\rebuilt.difxapi.dll

File PE Metadata
OS bitness: Win64
Entry point: 50, 4B, 05, 06, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
Entropy: 1.0477
Packer / compiler: RLPack FullEdition V1.1X * Sign.By.fly

The file rebuilt.difxapi.dll has been seen being distributed by the following 50 URLs.

Latest 30 of 648 download URLs
