» 112.exe
Overview
Analysis
File Details

112.exe

IQ Technology Inc.

The application 112.exe by IQ Technology has been detected as a potentially unwanted program by 28 anti-malware scanners.

File name:

112.exe

Publisher:

IQ Technology Inc. (signed and verified)

MD5:

b231a538583ad2363a25022d4c1d8c55

SHA-1:

5c206a0588ea7814e6c5b20091f1f74d3f9c42ce

SHA-256:

7ce8d23e7c11e2ab1a60750578319834a5536a004e517c77d278da705867a556

Scanner detections:

28 / 68

Status:

Potentially unwanted

Analysis date:

4/25/2024 12:13:30 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Zusy.144236

362

Agnitum Outpost

Packed/Exe32Pack

7.1.1

AhnLab V3 Security

Trojan/Win32.Banki

2015.06.30

Avira AntiVirus

TR/Injector.123016

8.3.1.6

Arcabit

Trojan.Zusy.D2336C

1.0.0.425

AVG

Inject2

2017.0.2840

Bitdefender

Gen:Variant.Zusy.144236

1.0.20.190

Bkav FE

W32.HfsAdware

1.3.0.6979

Clam AntiVirus

Win.Trojan.Farfli-3495

0.98/21511

Comodo Security

TrojWare.Win32.Downloader.Small.ai6

22624

Dr.Web

Trojan.Click1.61200

9.0.1.038

Emsisoft Anti-Malware

Gen:Variant.Zusy.144236

8.16.02.07.01

ESET NOD32

Win32/Injector.CBSX (variant)

10.11863

Fortinet FortiGate

W32/CBSX!tr

2/7/2016

F-Prot

W32/Trojan2.NNPL

v6.4.7.1.166

F-Secure

Gen:Variant.Zusy.144236

11.2016-07-02_1

G Data

Gen:Variant.Zusy.144236

16.2.25

IKARUS anti.virus

Trojan.Win32.Injector

t3scan.1.9.5.0

K7 AntiVirus

Riskware

13.205.16401

McAfee

Artemis!B231A538583A

5600.6496

Microsoft Security Essentials

VirTool:Win32/Injector.FS

1.1.11804.0

MicroWorld eScan

Gen:Variant.Zusy.144236

17.0.0.114

NANO AntiVirus

Trojan.Win32.CBSX.dsjket

0.30.24.2266

nProtect

Trojan.GenericKD.2454038

15.06.29.01

Qihoo 360 Security

Win32/Trojan.Adware.37e

1.0.0.1015

Sophos

Mal/Behav-118

4.98

Trend Micro

PAK_Generic.001

10.465.07

VIPRE Antivirus

Trojan.Win32.Generic.pak!cobra

41572

File size:

120.1 KB (123,016 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\112.exe

Digital Signature

Signed by:

IQ Technology Inc.

Authority:

VeriSign, Inc.

Valid from:

8/29/2012 9:00:00 AM

Valid to:

8/30/2015 8:59:59 AM

Subject:

CN=IQ Technology Inc., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=IQ Technology Inc., L=Xizhi Dist., S=New Taipei City, C=TW

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

1BF449BBB2F0F19AC8CDF2BEB39AB9C2

File PE Metadata

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

3072:drhdjdY69uyQ+nAqFvWliU48S1iaM4TeqlkuT:xNnV/dR+4TeqGuT

Entry address:

0x3B000C

Entry point:

3B, C0, 74, 02, 81, 83, 55, 3B, C0, 74, 02, 81, 83, 53, 3B, C9, 74, 01, BC, 56, 3B, D2, 74, 02, 81, 85, 57, E8, 00, 00, 00, 00, 3B, DB, 74, 01, BE, 5D, 8B, D5, 81, ED, EC, 3A, 40, 00, 3B, E4, 74, 02, 81, 87, 2B, 95, FD, 3B, 40, 00, 81, EA, 2C, 00, 00, 00, 80, BD, 38, 3C, 40, 00, 00, 74, 18, 8B, 85, 1D, 3C, 40, 00, 03, 85, 27, 3C, 40, 00, 3B, C9, 74, 01, BA, 05, 1B, 05, 00, 00, FF, E0, 3B, C9, 74, 01, BA, 52, 3B, ED, 74, 01, B8, 8D, 85, 50, 3C, 40, 00, 50, 3B, C9, 74, 02, 81, 83, FF, 95, 2C, 3C, 40, 00, 8D... 
[+]

Entropy:

7.6875

Code size:

48.5 KB (49,664 bytes)

Remove 112.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.