xfkfkiq.dll

The module xfkfkiq.dll has been detected as a potentially unwanted program by 11 anti-malware scanners. The setup routine uses the RevenYou.Com Pay Per Install platform (OutBrowse), which bundles additional software offers including toolbars, extensions, PC utilities, and other PUPs.
MD5:
8c2152c829e778354786c1e8f306f0d0

SHA-1:
14b54048030471d25204f3999a83c41ffea682bb

Scanner detections:
11 / 68

Status:
Potentially unwanted

Explanation:
Bundles additional adware offers during download and installation using the OutBrowse installer.

Analysis date:
4/25/2024 11:16:40 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Gen:Variant.Adware.Mikey.21084 | 551 |
| Avira AntiVirus | PUA/Outbrowse.Gen | 8.3.1.6 |
| Arcabit | Trojan.Adware.Mikey.D525C | 1.0.0.425 |
| Bitdefender | Gen:Variant.Adware.Mikey.21084 | 1.0.20.1075 |
| Emsisoft Anti-Malware | Gen:Variant.Adware.Mikey.21084 | 8.15.08.03.05 |
| ESET NOD32 | Win32/OutBrowse.CI potentially unwanted (variant) | 9.12038 |
| F-Secure | Gen:Variant.Adware.Mikey | 11.2015-03-08_2 |
| G Data | Gen:Variant.Adware.Mikey.21084 | 15.8.25 |
| herdProtect (fuzzy) | | 2015.9.8.1 |
| MicroWorld eScan | Gen:Variant.Adware.Mikey.21084 | 16.0.0.645 |
| Reason Heuristics | Threat.Win.Reputation.IMP | 15.8.10.18 |

File size:
137 KB (140,288 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Documents and Settings\{user}\Local settings\temp\{random}.tmp\xfkfkiq.dll

File PE Metadata
Compilation timestamp:
8/2/2015 8:10:01 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
10.0

CTPH (ssdeep):
3072:uUmmLe9vPa2AYS5dFPfb8JG4dmXqF3ojHSG:uUfLe9yyJbEaiHSG

Entry address:
0x9B4E

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 62, 61, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 51, 53, 56, 8B, 35, 28, B0, 01, 10, 57, FF, 35, AC, 35, 02, 10, FF, D6, FF, 35, A8, 35, 02, 10, 8B, D8, 89, 5D, FC, FF, D6, 8B, F0, 3B, F3, 0F, 82, 81, 00, 00, 00, 8B, FE, 2B, FB, 8D, 47, 04, 83, F8, 04, 72, 75, 53, E8, AA, 61, 00, 00, 8B, D8, 8D, 47, 04, 59, 3B, D8, 73, 48, B8, 00, 08, 00, 00, 3B, D8, 73, 02, 8B, C3, 03, C3, 3B, C3, 72, 0F, 50, FF...

Entropy:
6.4142

Code size:
101 KB (103,424 bytes)
