home

zillya.exe

Zillya Antivirus

ALLIT Service LLC

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Zillya Antivirus’.
Publisher:
ALLIT Service, LLC.  (signed by ALLIT Service LLC)

Product:
Zillya Antivirus

Version:
1,1,2108,0

MD5:
05ebc88526452d43767e4377c996fadd

SHA-1:
60c22dd777aa8b288cce37399c419860eb91c287

SHA-256:
b2b9bcf04adfee1b1271d25b9f0fa57d516cb1008bb27119923a7dbea171b228

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 8:04:25 AM UTC  (today)

File size:
1.9 MB (2,032,888 bytes)

Product version:
1,1,2108,0

Copyright:
(c) 2009 ALLIT Service, LLC. All rights reserved.

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\zillya antivirus\zillya.exe

Digital Signature
Signed by:
ALLIT Service LLC

Authority:
VeriSign, Inc.

Valid from:
4/8/2009 3:00:00 AM

Valid to:
4/9/2010 2:59:59 AM

Subject:
CN=ALLIT Service LLC, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=ALLIT Service LLC, L=Kyiv, S=Kyiv, C=UA

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
36571A56B24016456FEB5611EBAC5225

File PE Metadata
Compilation timestamp:
3/11/2010 9:35:58 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
49152:4yHwOu7h/V/Xcr00hOT2JwREcj5FwwwwdH6:4yHwtV/Xcn6REwwwwwdH6

Entry address:
0x10A144

Entry point:
E8, 5B, 06, 00, 00, E9, 35, FD, FF, FF, FF, 25, 60, 7E, 53, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 53, 57, 33, FF, 8B, 44, 24, 10, 0B, C0, 7D, 14, 47, 8B, 54, 24, 0C, F7, D8, F7, DA, 83, D8, 00, 89, 44, 24, 10, 89, 54, 24, 0C, 8B, 44, 24, 18, 0B, C0, 7D, 13, 8B, 54, 24, 14, F7, D8, F7, DA, 83, D8, 00, 89, 44, 24, 18, 89, 54, 24, 14, 0B, C0, 75, 1B, 8B, 4C, 24, 14, 8B, 44, 24, 10, 33, D2, F7, F1, 8B, 44, 24, 0C, F7, F1, 8B, C2, 33, D2, 4F, 79, 4E, EB, 53, 8B, D8, 8B, 4C, 24, 14, 8B, 54, 24, 10...
 
[+]

Code size:
1.2 MB (1,269,760 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Zillya Antivirus

Command:
C:\Program Files\zillya antivirus\zillya.exe \min


Scan zillya.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.