1364107725_ariadnes-thread-dlya-minecraft-1_5_1.exe

ABSOLYUT TREID, OOO

The application 1364107725_ariadnes-thread-dlya-minecraft-1_5_1.exe by ABSOLYUT TREID, OOO has been detected as adware by 28 anti-malware scanners.
Publisher:
ABSOLYUT TREID, OOO  (signed and verified)

MD5:
b68ad977c6b7a7d6a323c638c9afc45f

SHA-1:
5cccb4eb97577f4a3e0991eb634d7dcc1c96d6e2

SHA-256:
75d9ec30c8c51ee4bfbf4f1d4c1e17204d2efae9012636cef51c1752556a1770

Scanner detections:
28 / 68

Status:
Adware

Analysis date:
4/27/2024 4:19:18 AM UTC  (today)

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Gen:Variant.Application.LoadMoney.64 | 819
AhnLab V3 Security | PUP/Win32.LoadMoney | 2014.11.08
Avira AntiVirus | TR/Kazy.queimneba | 7.11.183.172
AVG | Win32/Cryptor | 2014.0.4189
Bitdefender | Gen:Variant.Application.LoadMoney.64 | 1.0.20.1555
Comodo Security | TrojWare.Win32.Kryptik.BVPA | 20018
Dr.Web | Trojan.LoadMoney.15 | 9.0.1.05190
Emsisoft Anti-Malware | Gen:Variant.Application.LoadMoney.64 | 14.11.07
ESET NOD32 | Win32/LoadMoney.AA potentially unwanted application | 7.0.302.0
Fortinet FortiGate | W32/LdMon.E!tr | 11/7/2014
F-Prot | W32/LoadMoney.M4.gen | v6.4.7.1.166
F-Secure | Gen:Variant.Application.LoadMoney | 11.2014-07-11_6
G Data | Gen:Variant.Application.LoadMoney.64 | 14.11.24
IKARUS anti.virus | Virus.Win32.Cryptor | t3scan.1.8.3.0
K7 AntiVirus | Trojan | 13.185.13943
Kaspersky | not-a-virus:Downloader.Win32.LMN | 15.0.0.494
McAfee | PUP-FNB | 5600.6953
Microsoft Security Essentials | Threat.Undefined | 1.187.1565.0
MicroWorld eScan | Gen:Variant.Application.LoadMoney.64 | 15.0.0.933
NANO AntiVirus | Trojan.Win32.LMN.cudfka | 0.28.6.62995
Norman | Kryptik.CDIC | 11.20141107
Qihoo 360 Security | Malware.QVM20.Gen | 1.0.0.1015
Quick Heal | Trojan.Sisproc.A6 | 11.14.14.00
Reason Heuristics | PUP.ABSOLYUTTREIDOOO.p | 14.11.7.12
Rising Antivirus | PE:Malware.XPACK-HIE/Heur!1.9C48 | 23.00.65.141105
Sophos | Troj/LdMon-E | 4.98
Vba32 AntiVirus | Malware-Cryptor.Limpopo | 3.12.26.3
VIPRE Antivirus | Threat.4657539 | 34232

File size:
137.9 KB (141,208 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\programs\1364107725_ariadnes-thread-dlya-minecraft-1_5_1.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
1/31/2014 6:00:00 AM

Valid to:
2/1/2015 5:59:59 AM

Subject:
CN="ABSOLYUT TREID, OOO", O="ABSOLYUT TREID, OOO", STREET="5/12 str. 2, prospekt Zeleny", L=Moscow, S=Moscow oblast, PostalCode=111141, C=RU

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00C51E1AEF06FDC803CF08B62FC59F7557

File PE Metadata
Compilation timestamp:
6/20/1992 4:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
3072:5uRdVX4t5biERlr9B4RQdKgbb5Ng9Xi4pWHK:MTV0ZRlrzyQdA9DAq

Entry address:
0x1000

Entry point:
6A, 2E, 58, E9, 9C, 8D, 01, 00, C3, 8D, 40, 00, FF, 25, 24, F0, 41, 00, B8, 08, 10, 40, 00, C3, 55, 8B, EC, 83, C4, 88, B8, 24, 13, 40, 00, 89, 45, FC, 8B, 45, FC, 50, E8, F1, 03, 00, 00, 89, 15, 8A, F0, 41, 00, 66, C7, 05, 75, F0, 41, 00, 1A, DB, C6, 05, 97, F0, 41, 00, 45, 89, 1D, F1, F0, 41, 00, B8, 3C, 13, 40, 00, 89, 45, F8, 33, C0, 89, 45, F4, C7, 45, EC, 24, 56, 01, 00, 33, C0, 89, 45, E8, 8B, 45, E8, 50, 8D, 45, 9C, 50, 8B, 45, EC, 50, 8B, 45, F0, 50, 8B, 45, F4, 50, 8B, 45, F8, 50, E8, AF, 03, 00...
 

Code size:
100 KB (102,400 bytes)