home

zillya.exe

Zillya Antivirus

ALLIT Service LLC

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Zillya Antivirus’.
Publisher:
ALLIT Service, LLC.  (signed by ALLIT Service LLC)

Product:
Zillya Antivirus

Version:
1,1,2044,0

MD5:
5861db7b809021bd5b310d8d1ca26d8c

SHA-1:
df9b7fe431a79371756a188497f85fc073518303

SHA-256:
659bb970a4464e3e6c7d3e0455a20657a3200ef7492cab1ffe4f4fd93eb5cadc

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 7:09:46 AM UTC  (today)

File size:
1.9 MB (2,024,696 bytes)

Product version:
1,1,2044,0

Copyright:
(c) 2009 ALLIT Service, LLC. All rights reserved.

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\zillya antivirus\zillya.exe

Digital Signature
Signed by:
ALLIT Service LLC

Authority:
VeriSign, Inc.

Valid from:
4/8/2009 2:00:00 AM

Valid to:
4/9/2010 1:59:59 AM

Subject:
CN=ALLIT Service LLC, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=ALLIT Service LLC, L=Kyiv, S=Kyiv, C=UA

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
36571A56B24016456FEB5611EBAC5225

File PE Metadata
Compilation timestamp:
3/1/2010 9:43:16 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
49152:7yboIuQj1surqHbKQh/YTXXtHa5FwwwwdHF:7euoZrqHoXtAwwwwdHF

Entry address:
0x108F80

Entry point:
E8, 4F, 06, 00, 00, E9, 35, FD, FF, FF, FF, 25, 6C, 6E, 53, 00, 53, 57, 33, FF, 8B, 44, 24, 10, 0B, C0, 7D, 14, 47, 8B, 54, 24, 0C, F7, D8, F7, DA, 83, D8, 00, 89, 44, 24, 10, 89, 54, 24, 0C, 8B, 44, 24, 18, 0B, C0, 7D, 13, 8B, 54, 24, 14, F7, D8, F7, DA, 83, D8, 00, 89, 44, 24, 18, 89, 54, 24, 14, 0B, C0, 75, 1B, 8B, 4C, 24, 14, 8B, 44, 24, 10, 33, D2, F7, F1, 8B, 44, 24, 0C, F7, F1, 8B, C2, 33, D2, 4F, 79, 4E, EB, 53, 8B, D8, 8B, 4C, 24, 14, 8B, 54, 24, 10, 8B, 44, 24, 0C, D1, EB, D1, D9, D1, EA, D1, D8...
 
[+]

Code size:
1.2 MB (1,265,664 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Zillya Antivirus

Command:
C:\Program Files\zillya antivirus\zillya.exe \min


Scan zillya.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.