home

zillya.exe

Zillya Antivirus

ALLIT Service, LLC.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Zillya Antivirus’.
Publisher:
ALLIT Service, LLC.  (signed and verified)

Product:
Zillya Antivirus

Version:
1,1,2997,0

MD5:
a998982985605da55af5ff389d9e5a2a

SHA-1:
64721d5c5676e35f4010ad2557e268d385ea28bd

SHA-256:
50b6751e42b927df6bf756c94148ca7388c8a52a6aaa042befff7392ce93b848

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 2:26:51 AM UTC  (today)

File size:
1.9 MB (2,040,040 bytes)

Product version:
1,1,2997,0

Copyright:
(c) 2009 - 2011 ALLIT Service, LLC. All rights reserved.

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\zillya antivirus\zillya.exe

Digital Signature
Signed by:
ALLIT Service, LLC.

Authority:
The USERTRUST Network

Valid from:
3/23/2011 3:00:00 AM

Valid to:
3/23/2012 2:59:59 AM

Subject:
CN="ALLIT Service, LLC.", O="ALLIT Service, LLC.", STREET="Observatornaya st., 23, apt. 17", L=Kyiv, S=Kyivska, PostalCode=04053, C=UA

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
4D0A25012DF1FD466A61BB33E29EB980

File PE Metadata
Compilation timestamp:
3/30/2011 5:44:19 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
49152:aedDzq8gIQ2tDMucub9KspXi3g5FwwwwdHK:a8X3fCuZgawwwwdHK

Entry address:
0xFDB12

Entry point:
E8, BA, 05, 00, 00, E9, 35, FD, FF, FF, FF, 25, 04, CF, 52, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, FF, 25, 2C, CF, 52, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 53, 57, 33, FF, 8B, 44, 24, 10, 0B, C0, 7D, 14, 47, 8B, 54, 24, 0C, F7, D8, F7, DA, 83, D8, 00, 89, 44, 24, 10, 89, 54, 24, 0C, 8B, 44, 24, 18, 0B, C0, 7D, 13, 8B, 54, 24, 14, F7, D8, F7, DA, 83, D8, 00, 89, 44, 24, 18, 89, 54, 24, 14, 0B, C0, 75, 1B, 8B, 4C, 24, 14, 8B, 44, 24, 10, 33, D2, F7, F1, 8B, 44, 24, 0C, F7, F1, 8B...
 
[+]

Code size:
1.2 MB (1,224,704 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Zillya Antivirus

Command:
"C:\Program Files\zillya antivirus\zillya.exe" \min


Scan zillya.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.