» البرنامج.exe
Overview
Analysis
File Details

البرنامج.exe

The application البرنامج.exe has been detected as a potentially unwanted program by 25 anti-malware scanners.

File name:

البرنامج.exe

MD5:

89ee5b3ccb73df76657107beafc5ccf6

SHA-1:

c0f40b2402be8d0529b98c95d54c56b250780a33

SHA-256:

f6e6845f13de8a9cfc68dc4d097a7fc7f34cba6d74b21449b2f44d82737f1296

Scanner detections:

25 / 68

Status:

Potentially unwanted

Analysis date:

4/25/2024 5:57:46 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Spyware.Tool.Hardoff.B

5707118

Agnitum Outpost

Trojan.Bumat

7.1.1

Avira AntiVirus

TR/Shutdown.40960.2

8.3.1.6

Arcabit

Spyware.Tool.Hardoff.B

1.0.0.425

avast!

Evo-gen [Susp]

150602-1

AVG

ExitWin.D

2016.0.3061

Baidu Antivirus

Hacktool.Win32.Shutdown

4.0.3.1571

Bitdefender

Trojan.Shutdown.J

1.0.20.910

Comodo Security

ApplicUnsaf.Win32.Shutdowner.DB

22638

Dr.Web

Threat.Undefined

9.0.1.05190

Emsisoft Anti-Malware

Trojan.Shutdown

10.0.0.5366

ESET NOD32

Win32/Shutdown.NAA potentially unsafe application

7.0.302.0

F-Prot

W32/HackTool.COH (exact, not disinfectable)

4.6.5.141

F-Secure

Trojan.Shutdown.J

11.2015-01-07_4

G Data

Trojan.Shutdown

15.7.25

IKARUS anti.virus

not-a-virus:RiskTool.Win32.Shutdown

t3scan.1.9.5.0

McAfee

Trojan.Generic.dx!6B18FFA8E5B3

17.6.569.0

Microsoft Security Essentials

Threat.Undefined

1.201.530.0

MicroWorld eScan

Trojan.Shutdown.J

16.0.0.546

NANO AntiVirus

Riskware.Win32.ShutDown.kxdoi

0.30.24.2320

Norman

Trojan.Shutdown.J

02.06.2015 14:23:46

Qihoo 360 Security

Win32/Trojan.Spy.c53

1.0.0.1015

Rising Antivirus

PE:Trojan.Win32.Generic.155DCBBE!358468542

23.00.65.15629

Sophos

Mal/Generic-S

4.98

VIPRE Antivirus

Threat.4657539

40824

File size:

226 KB (231,424 bytes)

File type:

Executable application (Win32 EXE)

File PE Metadata

Compilation timestamp:

7/12/2005 5:02:48 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

5.0

CTPH (ssdeep):

3072:FMEMvxdknmg1tDbuLB+5xGT21JqaEvNRlhfPSc1qoYUZQdQL+QLmRcSVP7sOt4tx:FME1nmg1tDbJ5621YNPBPeHG8cSZ5c

Entry address:

0x1000

Entry point:

E8, 9B, 27, 00, 00, 50, E8, A7, 22, 01, 00, 00, 00, 00, 00, 90, 55, 8B, EC, 53, 56, 57, 8B, 7D, 10, 8B, 5D, 0C, 8B, 75, 08, 8B, D3, FF, 75, 14, 68, E5, 40, 41, 00, 6A, 00, 6A, 00, 8B, C6, 8B, CF, E8, 26, 43, 00, 00, 81, EB, 10, 01, 00, 00, 74, 05, 4B, 74, 14, EB, 57, FF, 75, 14, 6A, 66, 56, E8, F8, 24, 01, 00, B8, 01, 00, 00, 00, EB, 47, 66, 81, E7, FF, FF, 66, FF, CF, 74, 07, 66, FF, CF, 74, 23, EB, 30, 68, 80, 00, 00, 00, 68, D4, 50, 41, 00, 6A, 65, 56, E8, 3E, 24, 01, 00, 6A, 01, 56, E8, 18, 24, 01, 00... 
[+]

Entropy:

7.2969

Code size:

252 KB (258,048 bytes)

Remove البرنامج.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.