» 0 mbam.exe
Overview
Analysis
File Details

0 mbam.exe

Malwarebytes Anti-Malware

The executable 0 mbam.exe has been detected as malware by 24 anti-virus scanners.

File name:

0 mbam.exe

Publisher:

Malwarebytes Corporation* (Invalid match)

Product:

Malwarebytes Anti-Malware

Version:

1.0.1.7

MD5:

bca8c7922b6194762f5a0027b0caab25

SHA-1:

6eb84ea7ea0de1686a56d1e528009cc9e107a37f

SHA-256:

2b06af53567eb740b26b2da22368b2a3ec9651e90fa9de1482c383b9793c4f7b

Scanner detections:

24 / 68

Status:

Malware

Analysis date:

4/24/2024 12:38:28 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.Foreign.2

5646091

Avira AntiVirus

TR/Crypt.Xpack.105025

7.11.188.128

avast!

Win32:Malware-gen

150414-0

AVG

PSW.Generic12

2016.0.3136

Baidu Antivirus

Trojan.Win32.Yakes

4.0.3.15418

Bitdefender

Trojan.GenericKD.1988003

1.0.20.540

Dr.Web

Trojan.KillFiles.16565

9.0.1.05190

Emsisoft Anti-Malware

Trojan.Foreign

9.0.0.4799

ESET NOD32

Win32/PSW.Papras.DS trojan

7.0.302.0

Fortinet FortiGate

W32/Yakes.HHVG!tr

4/18/2015

F-Secure

Trojan.Foreign.2

5.13.68

G Data

Trojan.GenericKD.1988003

15.4.24

IKARUS anti.virus

Trojan.Win32.PSW

t3scan.1.8.3.0

K7 AntiVirus

Password-Stealer

13.185.14120

Kaspersky

Trojan.Win32.Yakes

15.0.0.543

Malwarebytes

Trojan.FakeMBAM.ED

v2015.04.18.09

McAfee

Trojan.Generic-FAVR!BCA8C7922B61

16.8.708.2

Norman

Trojan.GenericKD.1988003

03.12.2014 13:20:04

nProtect

Trojan.GenericKD.1988003

14.11.24.01

Qihoo 360 Security

HEUR/QVM10.1.Malware.Gen

1.0.0.1015

Sophos

Virus 'Troj/Agent-AKFW'

5.13

Total Defense

Win32/Tnega.bRBPbFC

37.0.11296

VIPRE Antivirus

Threat.4150696

38882

ViRobot

Trojan.Win32.S.Agent.402944.AH

2011.4.7.4223

File size:

393.5 KB (402,944 bytes)

Product version:

1.0.1.7

Original file name:

mbam.exe

File type:

Executable application (Win32 EXE)

File PE Metadata

Compilation timestamp:

11/21/2014 5:37:34 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

6144:V2MW1qOFxe+oE+JI9yQ6vL/wcPAaoDaENA0hN/FAb257kVVCl0YS:81qOC49yQ6vkYo2MASNtAb2oVVcLS

Entry address:

0x3C08

Entry point:

E8, 7F, 20, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 20, 8B, 45, 08, 56, 57, 6A, 08, 59, BE, 00, D4, 40, 00, 8D, 7D, E0, F3, A5, 89, 45, F8, 8B, 45, 0C, 5F, 89, 45, FC, 5E, 85, C0, 74, 0C, F6, 00, 08, 74, 07, C7, 45, F4, 00, 40, 99, 01, 8D, 45, F4, 50, FF, 75, F0, FF, 75, E4, FF, 75, E0, FF, 15, 20, D1, 40, 00, C9, C2, 08, 00, B8, 58, 68, 40, 00, A3, 48, 33, 41, 00, C7, 05, 4C, 33, 41, 00, 4E, 5F, 40, 00, C7, 05, 50, 33, 41, 00, 02, 5F, 40, 00, C7, 05, 54, 33, 41, 00, 3B, 5F, 40, 00, C7, 05... 
[+]

Code size:

45.5 KB (46,592 bytes)

Remove 0 mbam.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.