home

zillya.exe

Zillya Antivirus

ALLIT Service, LLC.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Zillya Internet Security’.
Publisher:
ALLIT Service, LLC.  (signed and verified)

Product:
Zillya Antivirus

Description:
Zillya Internet Security

Version:
1,1,4324,0

MD5:
d51f2d6cc49fd9ed736b0900aa10fbe3

SHA-1:
335b3379863ffcfd5445269eb14517c6c3071850

SHA-256:
d08031244f69db6ad13519a72c72cf553e67b618f0335e9549551eed8fd61909

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 11:27:31 AM UTC  (today)

File size:
4.2 MB (4,394,016 bytes)

Product version:
1,1,4324,0

Copyright:
(c) 2009 - 2013 ALLIT Service, LLC. All rights reserved.

Original file name:
Zillya Internet Security

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\zillya internet security\zillya.exe

Digital Signature
Signed by:
ALLIT Service, LLC.

Authority:
COMODO CA Limited

Valid from:
7/4/2013 2:00:00 AM

Valid to:
7/5/2014 1:59:59 AM

Subject:
CN="ALLIT Service, LLC.", O="ALLIT Service, LLC.", STREET="Observatornaya st., 23, apt. 17", L=Kyiv, S=Kyivska, PostalCode=04053, C=UA

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00F11A5E458C5FF44BEE23F0E59EA67D0C

File PE Metadata
Compilation timestamp:
6/20/2014 2:08:32 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
49152:BZ3BBo3Kr+FjLhlyMPCZQyWVq3FtjsIeMmNlQ+Ma0G8l4wbLYnv0ysN7hNSFOlFH:1acRVa0fGj2X

Entry address:
0x29A809

Entry point:
E8, AF, 0A, 00, 00, E9, 36, FD, FF, FF, 53, 8A, 5C, 24, 08, F6, C3, 02, 56, 8B, F1, 74, 24, 57, 68, 3E, B5, 69, 00, 8D, 7E, FC, FF, 37, 6A, 0C, 56, E8, F0, 01, 00, 00, F6, C3, 01, 74, 07, 57, E8, 10, F2, FF, FF, 59, 8B, C7, 5F, EB, 13, E8, F5, 0C, 00, 00, F6, C3, 01, 74, 07, 56, E8, FA, F1, FF, FF, 59, 8B, C6, 5E, 5B, C2, 04, 00, FF, 25, B0, F0, 6F, 00, 3B, 0D, 4C, 6D, 7B, 00, 75, 02, F3, C3, E9, E0, 0A, 00, 00, CC, FF, 25, AC, F0, 6F, 00, FF, 25, F8, EF, 6F, 00, FF, 25, F0, EF, 6F, 00, CC, CC, CC, CC, CC...
 
[+]

Entropy:
6.1739

Code size:
3 MB (3,133,440 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Zillya Internet Security

Command:
"C:\Program Files\zillya internet security\zillya.exe" \min


Scan zillya.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.