» {0463a3a5-dd1e-47a3-8f6b-9bc586d946f1}
Overview
Analysis
File Details

{0463a3a5-dd1e-47a3-8f6b-9bc586d946f1}

The file {0463a3a5-dd1e-47a3-8f6b-9bc586d946f1} has been detected as malware by 32 anti-virus scanners. This backdoor trojan may be used to conduct distributed denial of service attacks, or used to install additional trojans or other forms of malicious software as well as can steal your sensitive information.

File name:

MD5:

dcd6af15b68dd2282d533bf158c6ae14

SHA-1:

3ff1e4615c8dc0091284abe05245a107958e2c35

SHA-256:

0c4c3ee647c51db1dad735f78c75c5643263f65fabe590d7958ec9c7cf715a33

Scanner detections:

32 / 68

Status:

Malware

Analysis date:

4/26/2024 10:05:58 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Barys.7801

856

Avira AntiVirus

BDS/Bladabindi.bcgj

7.11.153.64

avast!

MSIL:Agent-BXF [Trj]

2014.9-141002

AVG

PSW.ILUSpy

2015.0.3334

Bitdefender

Gen:Variant.Barys.7801

1.0.20.1375

Comodo Security

TrojWare.MSIL.Bladabindi.KX

18446

Dr.Web

Trojan.DownLoader10.19872

9.0.1.0275

Emsisoft Anti-Malware

Gen:Variant.Barys.7801

8.14.10.02.03

ESET NOD32

MSIL/Bladabindi (variant)

8.9899

Fortinet FortiGate

MSIL/Agent.PPV!tr

10/2/2014

F-Prot

W32/MSIL_Bladabindi.A2.gen

v6.4.7.1.166

F-Secure

Gen:Variant.Barys.7801

11.2014-02-10_5

G Data

Gen:Variant.Barys.7801

14.10.24

IKARUS anti.virus

Trojan.Msil

t3scan.1.6.1.0

K7 AntiVirus

Trojan

13.1712319

Kaspersky

HEUR:Trojan.Win32.Generic

14.0.0.3164

Malwarebytes

Trojan.MSIL

v2014.10.02.03

McAfee

BackDoor-FBIB!DCD6AF15B68D

5600.6990

Microsoft Security Essentials

Backdoor:MSIL/Bladabindi.AJ

1.10600

MicroWorld eScan

Gen:Variant.Barys.7801

15.0.0.825

NANO AntiVirus

Trojan.Win32.DownLoader10.ctopxm

0.28.0.60100

Norman

MSIL.BZ

11.20141002

Qihoo 360 Security

Malware.QVM03.Gen

1.0.0.1015

Quick Heal

Trojan.Bladabindi.B3

10.14.14.00

Rising Antivirus

PE:Backdoor.Bot!1.6675

23.00.65.14930

Sophos

Troj/MSIL-HX

4.98

SUPERAntiSpyware

Trojan.Agent/Gen-Barys

10325

Total Defense

Win32/DotNetDl.A!generic

37.0.10980

Trend Micro House Call

BKDR_BLADABI.SMC

7.2.275

Trend Micro

BKDR_BLADABI.SMC

10.465.02

Vba32 AntiVirus

Trojan.MSIL.Disfa

3.12.26.0

VIPRE Antivirus

Trojan.MSIL.Bladabindi.agxy

29982

File size:

29 KB (29,696 bytes)

File PE Metadata

Compilation timestamp:

5/17/2014 12:51:52 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

384:Ayotl7bJdYQwiJYYHt5PgjmOmmDqFE4eoKGBsbh0w4wlAokw9OhgOL1vYRGOZzz1:67/YQwiNGjAmu3eYBKh0p29SgRJTT

Entry address:

0x8B2E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

27 KB (27,648 bytes)

Remove {0463a3a5-dd1e-47a3-8f6b-9bc586d946f1} - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.