{15e8e-c8f518-c8f918}

Hilgraeve, Inc.

The file {15e8e-c8f518-c8f918}, “HyperTerminal Applet”, has been detected as malware by 12 anti-virus scanners.
Publisher:
Hilgraeve, Inc.

Description:
HyperTerminal Applet

Version:
5.1.2600.0

MD5:
c0a511695fa44a9e6a1638bc1feb2bff

SHA-1:
693efa624cfef70224d64a34359ea94941539e42

SHA-256:
839fa85feab297109ace84ce0cb864f6987450033b8db4eb69ae6268ec8b3532

Scanner detections:
12 / 68

Status:
Malware

Analysis date:
5/10/2024 8:22:10 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Avira AntiVirus | TR/Rogue.17116 | 7.11.77.112 |
| avast! | Win32:Malware-gen | 2014.9-150527 |
| Bitdefender | Trojan.GenericKDZ.17116 | 1.0.20.735 |
| Emsisoft Anti-Malware | Trojan.GenericKDZ.17116 | 8.15.05.27.11 |
| ESET NOD32 | Win32/Spy.Bebloh | 9.8314 |
| F-Secure | Trojan.GenericKDZ.17116 | 11.2015-27-05_4 |
| G Data | Trojan.GenericKDZ.17116 | 15.5.22 |
| Kaspersky | Trojan.Win32.Bublik | 14.0.0.1975 |
| Malwarebytes | Trojan.Faketerm | v2015.05.27.11 |
| MicroWorld eScan | Trojan.GenericKDZ.17116 | 16.0.0.441 |
| Panda Antivirus | Trj/CI.A | 15.05.27.11 |
| Trend Micro House Call | TROJ_GEN.RC1H1E9 | 7.2.147 |

File size:
310.5 KB (317,952 bytes)

Copyright:
Copyright © Hilgraeve, Inc. 2001

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{15e8e-c8f518-c8f918}

File PE Metadata
Compilation timestamp:
5/8/2013 8:52:41 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:bo4bdQ6wXjnN+uwVmiHAUBCdNYuoSbGqcSbGq9y:bUXj0z3HvCTESKS

Entry address:
0x19F0

Entry point:
55, 8B, EC, 51, 8B, CD, 8B, C1, 89, 45, FC, 68, 27, 02, 00, 00, 6A, 00, FF, 15, B0, B1, 43, 00, 85, C0, 74, 04, 33, C0, EB, 18, 8B, C9, FF, 75, FC, 8B, C9, 68, 28, 1A, 40, 00, 8B, C9, 68, 10, 13, 40, 00, 8B, C9, C3, 8B, C9, 8B, E5, 5D, C3, CC, CC, CC, CC, 55, 8B, EC, 51, C7, 45, FC, 04, 00, 00, 00, 6A, 00, FF, 15, 44, B0, 43, 00, 85, C0, 75, 04, 33, C0, EB, 0A, C7, 05, 78, B7, 43, 00, 0C, B3, 43, 00, 8B, E5, 5D, C3, CC, CC, CC, CC, CC, CC, CC, 55, 8B, EC, 83, EC, 0C, 8B, 45, 08, 89, 45, FC, 8B, 4D, 0C, 89...

Developed / compiled with:
Microsoft Visual C++

Code size:
231.5 KB (237,056 bytes)
