인터넷 속도 향상.exe

The executable 인터넷 속도 향상.exe has been detected as malware by 38 anti-virus scanners. According to AVG, this software downloads additional adware offers during setup.
MD5:
d8ccb1ba07b3416a86bda4a35350ce2f

SHA-1:
baf61557e5a913cc7c906a5d62e905f75a1c0277

SHA-256:
5da620d7ede841f7078a507e09509c6060bb548060b982d3eba02c72d58a398b

Scanner detections:
38 / 68

Status:
Malware

Analysis date:
5/8/2024 3:13:16 PM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Backdoor.SdBot.DFSG | 836
Agnitum Outpost | Backdoor.Ceckno.ANJ | 7.1.1
AhnLab V3 Security | Trojan/Win32.Agent | 2014.10.22
Avira AntiVirus | Rkit/Agent.dqk | 7.11.30.172
avast! | Agent-TTC [Trj] | 141003-0
AVG | Trojan horse Downloader.Agent2.ULX | 2014.0.4040
Bitdefender | Backdoor.SdBot.DFSG | 1.0.20.1475
Bkav FE | HW32.Packed | 1.3.0.4959
Clam AntiVirus | Trojan.Spy-51857 | 0.98/21411
Comodo Security | TrojWare.Win32.TrojanDownloader.Agent.~CHL | 19870
Dr.Web | BackDoor.Attack.50 | 9.0.1.05190
Emsisoft Anti-Malware | Backdoor.SdBot.DFSG | 14.10.22
ESET NOD32 | Win32/DoS.Sypak trojan | 7.0.302.0
F-Prot | W32/Agent.SP.gen | 4.6.5.141
F-Secure | Backdoor.SdBot.DFSG | 11.2014-22-10_4
G Data | Backdoor.SdBot.DFSG | 14.10.24
IKARUS anti.virus | Rootkit.Win32.Agent | t3scan.1.7.8.0
K7 AntiVirus | DoS-Trojan | 13.184.13741
Kaspersky | Trojan-Downloader.Win32.Injepe | 15.0.0.494
Malwarebytes | Trojan.Inject.NT | v2014.10.22.03
McAfee | BackDoor-DSH | 5600.6970
Microsoft Security Essentials | Threat.Undefined | 1.187.104.0
MicroWorld eScan | Backdoor.SdBot.DFSG | 15.0.0.885
NANO AntiVirus | Trojan.Win32.Injepe.cqvbm | 0.28.2.62841
Norman | Downloader | 11.20141022
nProtect | Trojan-Downloader/W32.Agent.98304.CJ | 14.10.21.01
Qihoo 360 Security | Malware.QVM19.Gen | 1.0.0.1015
Quick Heal | (Suspicious) - DNAScan | 10.14.14.00
Rising Antivirus | PE:Trojan.Win32.Undef.ksv!1075152562 | 23.00.65.141020
Sophos | Mal/Packer | 4.98
SUPERAntiSpyware | Backdoor.Sdbot | 10285
Total Defense | Win32/Clstealth.K | 37.0.11241
Trend Micro House Call | TROJ_AGENT.APRV | 7.2.295
Trend Micro | TROJ_AGENT.APRV | 10.465.22
Vba32 AntiVirus | Trojan.NtRootKit | 3.12.26.3
VIPRE Antivirus | Threat.4726251 | 33706
ViRobot | Backdoor.Win32.Ceckno.86016.B | 2011.4.7.4223
Zillya! Antivirus | Downloader.Agent.Win32.66861 | 2.0.0.1962

File size:
96 KB (98,304 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\vmwarednd\889d80da\인터넷 속도 향상.exe

File PE Metadata
OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
1536:6myadtRKTtaKNzjOHHQ63MRD+fKXlK74jl7s1PzDiyP/2YJMWbco:VvWNz6HHQ63SD+mjl7s1reE/2AMWbc

Entry address:
0x52000

Entry point:
53, 51, 52, 56, 57, 55, E8, 00, 00, 00, 00, 5D, 81, ED, 52, CE, 45, 00, 8B, 9D, 01, D6, 45, 00, 85, DB, 0F, 85, 8B, 01, 00, 00, 89, E8, 05, 47, CE, 45, 00, 2B, 85, D5, D5, 45, 00, 89, 85, DD, D5, 45, 00, 31, FF, 66, 8B, 78, 3C, 01, C7, 8B, BF, 80, 00, 00, 00, 03, BD, DD, D5, 45, 00, 8B, 47, 28, 89, 85, AE, D6, 45, 00, 8B, 47, 2C, 89, 85, AA, D6, 45, 00, 8D, 85, 39, D6, 45, 00, 8D, 9D, 5D, D6, 45, 00, E8, 7B, 01, 00, 00, 89, 85, B2, D6, 45, 00, 8D, 85, 2C, D6, 45, 00, 8D, 9D, 44, D6, 45, 00, E8, 64, 01, 00...
 
Entropy:
6.8223

Packer / compiler:
PE, 0xDiminisher V0.1

Code size:
32 KB (32,768 bytes)
