» תוכנה נדירה.exe
Overview
Analysis
File Details
Downloads (1)

תוכנה נדירה.exe

תוכנה נדירה

The executable תוכנה נדירה.exe has been detected as malware by 10 anti-virus scanners. The file has been seen being downloaded from down.upf.co.il.

File name:

תוכנה נדירה.exe

Product:

תוכנה נדירה

Version:

1.0.0.0

MD5:

93cbe46c581d5431e24bf48c75686ca1

SHA-1:

a1aa8e6b73e4cf187c03ce387029326bfb81ef98

SHA-256:

12d7265d38d602977f03168a168a5ce37e8162dc3e3af1a82c7794a3dfc1abf5

Scanner detections:

10 / 68

Status:

Malware

Analysis date:

5/3/2024 12:53:26 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.Generic.11978095

444

Avira AntiVirus

TR/Spy.A.7537

7.11.180.204

Bitdefender

Trojan.Generic.11978095

1.0.20.1610

Emsisoft Anti-Malware

Trojan.Generic.11978095

8.15.11.18.09

F-Secure

Trojan.Generic.11978095

11.2015-18-11_4

G Data

Trojan.Generic.11978095

15.11.24

IKARUS anti.virus

Trojan.Spy

t3scan.1.7.8.0

MicroWorld eScan

Trojan.Generic.11978095

16.0.0.966

nProtect

Trojan.Generic.11978095

14.10.22.01

Qihoo 360 Security

Win32/Trojan.Spy.63d

1.0.0.1015

File size:

56.5 KB (57,856 bytes)

Product version:

1.0.0.0

Original file name:

תוכנה נדירה.exe

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\????? ?????.exe

File PE Metadata

Compilation timestamp:

9/28/2014 2:55:26 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

768:FAG15E/lsPWMvBKK1jMpTpFCOxijWqlQsfDU7mxOMYbKsD3bDAWXP4YDLJUAXSS8:dRD3jgT3COAjR+ofQKsD3Htf4Ky

Entry address:

0xED9E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 2E, F7, 27, 54, 00, 00, 00, 00, 02, 00, 00, 00, 86, 00, 00, 00, 1C, 00, 01, 00, 1C, D2, 00, 00, 52, 53... 
[+]

Entropy:

6.4976

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

51.5 KB (52,736 bytes)

The file תוכנה נדירה.exe has been seen being distributed by the following URL.

http://down.upf.co.il/downloadnew/file/.../09f9677e200812d78a90953bea7ebb23_N13371337ug5VUI1Emu13371337oTI4nLOqg==

Remove תוכנה נדירה.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.