» 11ca8a63-4065-681c-7c7f-762c6990f578.exe
Overview
Analysis
File Details

11ca8a63-4065-681c-7c7f-762c6990f578.exe

The application 11ca8a63-4065-681c-7c7f-762c6990f578.exe has been detected as a potentially unwanted program by 14 anti-malware scanners.

File name:

MD5:

fba613f58c2006fe1a4d05ad72a3abf2

SHA-1:

392b6d637d8fc7e341f17e45a5e072f4d01346f8

SHA-256:

8b502226ec15032cc04f11c190caeda1447bffb938cf942587cba5e7ad090f6f

Scanner detections:

14 / 68

Status:

Potentially unwanted

Analysis date:

4/20/2024 4:52:46 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Adware.Strictor.76935

726

Avira AntiVirus

Adware/AddLyrics.478720.20

7.11.208.88

avast!

Win32:Adware-gen [Adw]

2014.9-150208

AVG

AddLyrics_r

2016.0.3204

Baidu Antivirus

Adware.Win32.AddLyrics

4.0.3.1521

Bitdefender

Gen:Variant.Adware.Strictor.76935

1.0.20.195

Dr.Web

Trojan.Lyrics.362

9.0.1.039

Emsisoft Anti-Malware

Gen:Variant.Adware.Strictor.76935

8.15.02.08.11

ESET NOD32

Win32/Adware.AddLyrics.DM application

7.0.302.0

F-Secure

Gen:Variant.Adware.Strictor.76935

11.2015-08-02_1

G Data

Gen:Variant.Adware.Strictor.76935

15.2.25

MicroWorld eScan

Gen:Variant.Adware.Strictor.76935

16.0.0.117

NANO AntiVirus

Riskware.Win32.AddLyrics.dnojxl

0.30.0.65070

Reason Heuristics

Threat.Win.Reputation.IMP

15.2.8.23

File size:

467.5 KB (478,720 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\appdata\local\temp\11ca8a63-4065-681c-7c7f-762c6990f578.exe

File PE Metadata

Compilation timestamp:

1/29/2015 9:59:07 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

12288:jidMolR7/y3LhwiUwJgceTQV8j1P/wXcX3aBz:jO7/y3LzgceTQijF/wMH

Entry address:

0x24C6B

Entry point:

E8, AD, C5, 00, 00, E9, 39, FE, FF, FF, 55, 8B, EC, 8D, 45, 14, 50, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, D5, C6, 00, 00, 83, C4, 10, 5D, C3, 55, 8B, EC, 8D, 45, 10, 50, 6A, 00, FF, 75, 0C, FF, 75, 08, E8, F7, C6, 00, 00, 83, C4, 10, 5D, C3, 55, 8B, EC, 8D, 45, 14, 50, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, DD, C6, 00, 00, 83, C4, 10, 5D, C3, 55, 8B, EC, 8D, 45, 14, 50, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, E1, C6, 00, 00, 83, C4, 10, 5D, C3, 6A, 0C, 68, B8, C1, 45, 00, E8, E8, 26, 00, 00, 33, C0, 8B... 
[+]

Code size:

307 KB (314,368 bytes)

Remove 11ca8a63-4065-681c-7c7f-762c6990f578.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.