{143abf2e-0cb9-4415-bc6a-e02bc5d21870}

The file {143abf2e-0cb9-4415-bc6a-e02bc5d21870} has been detected as malware by 36 anti-virus scanners. This backdoor trojan may be used to conduct distributed denial-of-service attacks, to install additional trojans or other malicious software, or to steal sensitive information.
MD5: 3d07a5e4050d320d36b8e76135642a37
SHA-1: 5967203936c82488187fc56b76e6ab05dc35202e
SHA-256: 44ff1632020ab3254050820c1bb2b96fdf0bb6a14f4313280cc3a6a849ab6128
Scanner detections: 36 / 68
Status: Malware
Analysis date: 4/25/2024 8:44:34 PM UTC

Scan engine                    Detection                         Engine version
Lavasoft Ad-Aware              Gen:Variant.Barys.8949            856
Agnitum Outpost                TrojanSpy.Agent                   7.1.1
Avira AntiVirus                TR/Agent.44544218                 7.11.171.238
avast!                         MSIL:Agent-ANE [Trj]              2014.9-141002
AVG                            MSIL.AP.dropper                   2015.0.3334
Baidu Antivirus                Trojan.MSIL.Disfa                 4.0.3.14102
Bitdefender                    Gen:Variant.Barys.8949            1.0.20.1375
Comodo Security                TrojWare.MSIL.Disfa.A             19506
Dr.Web                         BackDoor.Bladabindi.1393          9.0.1.0275
Emsisoft Anti-Malware          Gen:Variant.Barys.8949            8.14.10.02.03
ESET NOD32                     MSIL/Bladabindi (variant)         8.10413
Fortinet FortiGate             MSIL/Agent.PPP!tr                 10/2/2014
F-Prot                         W32/MSIL_Troj.AP.gen              v6.4.7.1.166
F-Secure                       Gen:Variant.Barys.8949            11.2014-02-10_5
G Data                         Gen:Variant.Barys.8949            14.10.24
IKARUS anti.virus              Trojan.MSIL.Disfa                 t3scan.1.7.8.0
K7 AntiVirus                   Trojan                            13.183.13358
Kaspersky                      Trojan.MSIL.Disfa                 14.0.0.3164
Malwarebytes                   Backdoor.Agent.TRJ                v2014.10.02.03
McAfee                         Artemis!3D07A5E4050D              5600.6990
Microsoft Security Essentials  Backdoor:MSIL/Bladabindi.AA       1.10904
MicroWorld eScan               Gen:Variant.Barys.8949            15.0.0.825
NANO AntiVirus                 Trojan.Win32.Disfa.cuyyww         0.28.2.61942
Norman                         Agent.AYLBP                       11.20141002
Panda Antivirus                VBS/Autorun.BC.worm               14.10.02.03
Qihoo 360 Security             Malware.Radar03.Gen               1.0.0.1015
Quick Heal                     Trojan.Bladabindi.B3              10.14.14.00
Rising Antivirus               PE:Backdoor.Bot!1.6675            23.00.65.14930
Sophos                         Troj/MSIL-HX                      4.98
SUPERAntiSpyware               Trojan.Agent/Gen-FakeAlert        10325
Total Defense                  Win32/Armax.OVKTQIB               37.0.11178
Trend Micro House Call         BKDR_BLADABI.SMA                  7.2.275
Trend Micro                    BKDR_BLADABI.SMA                  10.465.02
Vba32 AntiVirus                Trojan.MSIL.Disfa                 3.12.26.3
VIPRE Antivirus                Trojan.Win32.Generic              33086
ViRobot                        Backdoor.Win32.A.Bifrose.40448.L  2011.4.7.4223

File size: 680.4 KB (696,748 bytes)

File PE Metadata
Compilation timestamp: 3/17/2005 4:31:50 PM
OS version: 4.0
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 6.0
CTPH (ssdeep): 12288:b1dlZo5ysmfDC6D0HCyeioCA1OGMQhYqfD//RKF2Dc:b1dlZo5vmbDwRzoXiQhjg2g
Entry address: 0x7481
Entry point: 55, 8B, EC, 6A, FF, 68, F0, E7, 40, 00, 68, C4, AD, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, 84, E0, 40, 00, 33, D2, 8A, D4, 89, 15, E0, 52, 41, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, DC, 52, 41, 00, C1, E1, 08, 03, CA, 89, 0D, D8, 52, 41, 00, C1, E8, 10, A3, D4, 52, 41, 00, 33, F6, 56, E8, F6, 23, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, B0, 00, 00, 00, 59, 89, 75, FC, E8, 16, 02, 00, 00, FF, 15, 80, E0, 40, 00, A3, E4, 69, 41, 00, E8...
Developed / compiled with: Microsoft Visual C++ v6.0
Code size: 52 KB (53,248 bytes)
