» {0000cb08-3769-7931}
Overview
Analysis
File Details

{0000cb08-3769-7931}

OraclePasswordAuditor

SecurityXploded

The file {0000cb08-3769-7931}, “Oracle Password Recovery & Auditing Software” has been detected as malware by 30 anti-virus scanners.

File name:

Publisher:

SecurityXploded

Product:

OraclePasswordAuditor

Description:

Oracle Password Recovery & Auditing Software

Version:

2.0.0.0

MD5:

d8161c9b37b7d7d01c74424aac387bdb

SHA-1:

548d9c68cd4a984c2f5a7610c419db846e2f18e8

Scanner detections:

30 / 68

Status:

Malware

Analysis date:

4/25/2024 6:27:41 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.GenericKD.1584526

647

AhnLab V3 Security

Backdoor/Win32.Necurs

15.04.28

Avira AntiVirus

TR/Rogue.1584526

7.11.141.166

avast!

Win32:Malware-gen

2014.9-150428

AVG

Win32/Cryptor

2016.0.3125

Baidu Antivirus

Trojan.Win32.Yakes

4.0.3.15428

Bitdefender

Trojan.GenericKD.1584526

1.0.20.590

Comodo Security

UnclassifiedMalware

18059

Dr.Web

Trojan.Inject1.37529

9.0.1.0118

Emsisoft Anti-Malware

Trojan.GenericKD.1584526

8.15.04.28.04

ESET NOD32

Win32/Injector.AYNC (variant)

9.9639

Fortinet FortiGate

W32/Yakes.EAIV!tr

4/28/2015

F-Secure

Trojan.GenericKD.1584526

11.2015-28-04_3

G Data

Trojan.GenericKD.1584526

15.4.24

IKARUS anti.virus

Trojan-Spy.Win32.Zbot

t3scan.2.2.29

K7 AntiVirus

Trojan

13.176.11663

Kaspersky

Trojan.Win32.Yakes

14.0.0.2122

Malwarebytes

Trojan.Agent.ED

v2015.04.28.04

McAfee

RDN/Generic PWS.y!yt

5600.6781

Microsoft Security Essentials

TrojanSpy:Win32/Shiotob.B

1.10401

MicroWorld eScan

Trojan.GenericKD.1584526

16.0.0.354

NANO AntiVirus

Trojan.Win32.Yakes.ctzjlz

0.28.0.58873

Norman

Injector.GEAF

11.20150428

nProtect

Trojan.GenericKD.1584526

14.04.06.01

Panda Antivirus

Generic Malware

15.04.28.04

Qihoo 360 Security

Win32/Trojan.2fa

1.0.0.1015

Sophos

Mal/Inject-EQ

4.98

Trend Micro House Call

TROJ_GEN.R047C0DBS14

7.2.118

Trend Micro

TROJ_GEN.R047C0DBS14

10.465.28

VIPRE Antivirus

Trojan.Win32.Generic

28102

File size:

183 KB (187,392 bytes)

Product version:

2.0.0.0

Original file name:

OraclePasswordAuditor.exe

Language:

English (United States)

Common path:

C:\Documents and Settings\{user}\Local settings\temp\{0000cb08-3769-7931}

File PE Metadata

Compilation timestamp:

2/25/2014 5:42:40 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

3072:B6GdFua2GxqiSgrEUnxJymg0ZsYm3k0uzREWOqatUnAWJ6TQLJsLksvx9ikl:B9dXnxqiHZsPk5zREWOUTJ6slSZvd

Entry address:

0x2836

Entry point:

E8, 19, 34, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 8B, 45, 08, 56, 8B, F1, C6, 46, 0C, 00, 85, C0, 75, 63, E8, 1A, 31, 00, 00, 89, 46, 08, 8B, 48, 6C, 89, 0E, 8B, 48, 68, 89, 4E, 04, 8B, 0E, 3B, 0D, 88, 41, 41, 00, 74, 12, 8B, 0D, 40, 3F, 41, 00, 85, 48, 70, 75, 07, E8, 13, 3E, 00, 00, 89, 06, 8B, 46, 04, 3B, 05, 48, 3E, 41, 00, 74, 16, 8B, 46, 08, 8B, 0D, 40, 3F, 41, 00, 85, 48, 70, 75, 08, E8, 72, 36, 00, 00, 89, 46, 04, 8B, 46, 08, F6, 40, 70, 02, 75, 14, 83, 48, 70, 02, C6, 46, 0C, 01, EB, 0A... 
[+]

Code size:

47 KB (48,128 bytes)

Remove {0000cb08-3769-7931} - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.