{00c2e40d-e33d-492a-8319-11c7669bff30}

The file {00c2e40d-e33d-492a-8319-11c7669bff30} has been detected as malware by 38 anti-virus scanners.
MD5:
598db9f8da2a81ce89e79889a0c62ce7

SHA-1:
80b814c51c3752d343e32c4f3dbcc8fb9d6cd672

SHA-256:
48b1ee2ef19b2707999019716afe6a724744c1e95e15a95a5ec4023d009a4e9e

Scanner detections:
38 / 68

Status:
Malware

Analysis date:
5/7/2024 10:56:05 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Generic.SysHijack.7AC7EAA9 | 856 |
| Agnitum Outpost | Backdoor.PoisonIvy | 7.1.1 |
| AhnLab V3 Security | Trojan/Win32.Xema | 2014.08.05 |
| Avira AntiVirus | WORM/Rbot.Gen | 7.11.165.34 |
| avast! | Win32:Rootkit-gen [Rtk] | 2014.9-141002 |
| AVG | Generic12 | 2015.0.3334 |
| Baidu Antivirus | Trojan.Win32.Staser | 4.0.3.14102 |
| Bitdefender | Generic.SysHijack.7AC7EAA9 | 1.0.20.1375 |
| Bkav FE | W32.OLGQ.Trojan | 1.3.0.4959 |
| Comodo Security | TrojWare.Win32.TrojanDownloader.Small.~LR | 19081 |
| Dr.Web | BackDoor.Poison.696 | 9.0.1.0275 |
| Emsisoft Anti-Malware | Generic.SysHijack.7AC7EAA9 | 8.14.10.02.03 |
| ESET NOD32 | Win32/Farfli.AY (variant) | 8.10201 |
| Fortinet FortiGate | W32/Staser.AY!tr | 10/2/2014 |
| F-Prot | W32/NewMalware-Rootkit-I-based! | v6.4.7.1.166 |
| F-Secure | Generic.SysHijack.7AC7EAA9 | 11.2014-02-10_5 |
| G Data | Generic.SysHijack.7AC7EAA9 | 14.10.24 |
| IKARUS anti.virus | Trojan.Win32.SystemHijack | t3scan.1.6.1.0 |
| K7 AntiVirus | Backdoor | 13.182.12945 |
| Kaspersky | Trojan.Win32.Staser | 14.0.0.3164 |
| Malwarebytes | Trojan.Backdoor.CH | v2014.10.02.03 |
| McAfee | Artemis!598DB9F8DA2A | 5600.6990 |
| Microsoft Security Essentials | Trojan:Win32/SystemHijack.gen!C | 1.10802 |
| MicroWorld eScan | Generic.SysHijack.7AC7EAA9 | 15.0.0.825 |
| NANO AntiVirus | Trojan.Win32.PoisonIvy.ygoj | 0.28.2.61148 |
| nProtect | Backdoor/W32.PoisonIvy.10240.AK | 14.08.04.01 |
| Panda Antivirus | Bck/PoisonIvy.E | 14.10.02.03 |
| Qihoo 360 Security | HEUR/Malware.QVM01.Gen | 1.0.0.1015 |
| Rising Antivirus | PE:Backdoor.Win32.Mnless.xb!1075173696 | 23.00.65.14930 |
| Sophos | Mal/Behav-031 | 4.98 |
| SUPERAntiSpyware | Trojan.Agent/Gen-Poison | 10325 |
| Total Defense | Win32/Storark.HU | 37.0.11099 |
| Trend Micro House Call | BKDR_POISON.SMH | 7.2.275 |
| Trend Micro | BKDR_POISON.SMH | 10.465.02 |
| Vba32 AntiVirus | BScope.Trojan.Win32.Inject.2 | 3.12.26.3 |
| VIPRE Antivirus | BehavesLike.Win32.Malware.ssc (mx-v) | 31910 |
| ViRobot | Backdoor.Win32.PoisonIvy.10240.J | 2011.4.7.4223 |
| XVirus List | Win32.Detected | 2.10.2 |

File size:
10 KB (10,240 bytes)

File PE Metadata
Compilation timestamp:
11/7/2008 9:31:10 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
96:4fyKjfexSHJAGme1MDlfVXQ4S+fo49OEr82MqlmXwL1wJZCACOnI891WTAWMdeR:rKjNDrMhtXQ6pOErGUFWZtIY7WAeR

Entry address:
0x8020

Entry point:
60, BE, 00, 60, 40, 00, 8D, BE, 00, B0, FF, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, EF, 75, 09, 8B, 1E, 83, EE, FC, 11, DB, 73, E4, 31, C9, 83, E8, 03, 72, 0D, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 74, 89, C5, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 75, 20, 41, 01, DB, 75...
 

Packer / compiler:
UPX 2.90LZMA

Code size:
12 KB (12,288 bytes)
