Should I block it?
90% of PCs block this file from running.
Possible reason:
Multiple malware detections
Additional versions
(Note, the developer publishes each variation of this file with the same version, but the hashes are unique.)
 PE file structure
|
Show functions |
Import table
kernel32.dll
SetUnhandledExceptionFilter, GetModuleFileNameW, GetModuleHandleA, LoadLibraryA, LocalAlloc, LocalFree, GetModuleFileNameA, ExitProcess
user32.dll
wsprintfA
Export table
GetFileVersionInfoA
GetFileVersionInfoByHandle
GetFileVersionInfoExW
GetFileVersionInfoSizeA
GetFileVersionInfoSizeExW
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerFindFileA
VerFindFileW
VerInstallFileA
VerInstallFileW
VerLanguageNameA
VerLanguageNameW
VerQueryValueA
VerQueryValueW
version.dll
| MD5: | c7c0439f9f872fdbe84744f2d7440729 |
| SHA1: | 94cc91142e6502b94a93c31d8fe766f4b46dfb9c |
| SHA256: | f1695a96358016d524059eb14dd1583de2551de8acdd66f4caa66f0a2504dc3e |
Warning 7 antivirus scanners has detected malware.
Overview
version.dll is malware that is loaded as dynamic link library that runs in the context of a process. It is installed with a couple of know programs including µTorrent published by BitTorrent Inc. and avast! Internet Security published by AVAST Software.
Details
| File name: | version.dll |
| Typical file path: | C:\Program Files\avast software\avast\version.dll |
| Size: | 817 KB (836,608 bytes) |
| Digital DNA |
| PE subsystem: | Windows GUI |
| File packed: | No |
| .NET CLR: | No |
More details
Programs
The following programs will install this file
“avast! Internet Security provides complete antivirus, anti-spyware, antispam, and firewall protection, complemented by avast! SafeZone™ and new hybrid cloud technologies, for best protection against viruses, spyware, and other types of malware. SafeZone creates a private and isolated virtual window on your desktop for safely making your sensitive financial transactions when shopping or banking online.”
µTorrent is a is a free, ad-supported, lighter-weight BitTorrent client designed to consume less resources then the full BitTorrent version. Some uTorrent installs include potentially unwanted programs in the form of the Conduit Engine, which installs a toolbar, and makes homepage and default search engine changes to a user's web browser.
Malware detections
Based on 40+ industry antivirus scanners, 7 of them detected the following malware.
| Antivirus engine | Engine version | Detection |
| AVG |
2014.0.3629 |
Crypt.BMNX |
| eSafe |
7.0.17.0 |
Win32.Trojan |
| Ikarus |
T3.1.4.0.0 |
Trojan.Crypt |
| Norman |
7.00.22 |
Suspicious_Gen5.MHXS |
| Symantec |
20121.3.0.76 |
WS.Reputation.1 |
| Trend Micro HouseCall |
9.700.0.1001 |
TROJ_GEN.RCBH1D2 |
| VIPRE Antivirus |
16870 |
Trojan.Win32.Generic!BT |
Distribution by Windows OS
| OS version | distribution |
| Windows 7 Ultimate |
42.86% |
|
| Windows Vista Ultimate |
28.57% |
|
| Windows 8 Pro with Media Center |
14.29% |
|
| Windows 8 Pro |
14.29% |
|
Distribution by country
United States installs about 28.57% of version.dll.
Distribution by PC manufacturer
| PC Manufacturer | distribution |
| ASUS |
57.14% |
|
| Lenovo |
28.57% |
|
| Acer |
14.29% |
|
