{148737ff-37ec-d3f3-5468-e388f78242ef}-app-helper1.exe

The executable {148737ff-37ec-d3f3-5468-e388f78242ef}-app-helper1.exe has been detected as malware by 14 anti-virus scanners.
MD5: 812850ce1f30d25f171ebce99c18e42e
SHA-1: 3a394a7e40ae186d5e3b14f3fd1c3f4e085eabfa
SHA-256: 2dc4f2cfdc244214b1c4f52697ea0be5fc11d9eb32409d292fd75576c09c7596
Scanner detections: 14 / 68
Status: Malware
Analysis date: 4/19/2024 9:22:45 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Gen:Variant.Kazy.715502 | 5800457 |
| Avira AntiVirus | TR/Crypt.XPACK.Gen7 | 8.3.2.2 |
| Arcabit | Trojan.Kazy.DAEAEE | 1.0.0.425 |
| AVG | Crypt4 | 2016.0.3001 |
| Bitdefender | Gen:Variant.Kazy.715502 | 1.0.20.1210 |
| Dr.Web | Trojan.DownLoader14.39702 | 9.0.1.05190 |
| Emsisoft Anti-Malware | Gen:Variant.Kazy.715502 | 10.0.0.5366 |
| F-Secure | Gen:Variant.Kazy.715502 | 5.14.151 |
| G Data | Gen:Variant.Kazy.715502 | 15.8.25 |
| IKARUS anti.virus | Trojan.Win32.Crypt | t3scan.1.9.5.0 |
| McAfee | Trojan.GenericR-EHS!68796E9A3074 | 18.0.204.0 |
| MicroWorld eScan | Gen:Variant.Kazy.715502 | 16.0.0.726 |
| NANO AntiVirus | Trojan.Win32.DownLoader14.dvrmgz | 0.30.24.3283 |
| Norman | Gen:Variant.Kazy.715502 | 04.08.2015 10:30:46 |

File size: 252 KB (258,048 bytes)
File type: Executable application (Win64 EXE)

File PE Metadata
OS bitness: Win64
CTPH (ssdeep): 6144:OvE8DivKB9tyd3L3Itrxse7wLd8PY3JpvU3v8vgvV:0DF9tydb1eGch

Entry point:
B2, A5, 6F, FF, FC, FF, FF, FF, FB, FF, FF, FF, 00, 00, FF, FF, 47, FF, FF, FF, FF, FF, FF, FF, BF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, 3F, FF, FF, FF, F1, E0, 45, F1, FF, 4B, F6, 32, DE, 47, FE, B3, 32, DE, AB, 97, 96, 8C, DF, 8F, 8D, 90, 98, 8D, 9E, 92, DF, 9C, 9E, 91, 91, 90, 8B, DF, 9D, 9A, DF, 8D, 8A, 91, DF, 96, 91, DF, BB, B0, AC, DF, 92, 90, 9B, 9A, D1, F2, F2, F5, DB, FF, FF, FF, FF, FF, FF, FF...
 