{15f69b1d-3b95-48ff-a396-8f05692f73d6}

bis

Any-Video-Converter.com

The file {15f69b1d-3b95-48ff-a396-8f05692f73d6} has been detected as a potentially unwanted program by 36 anti-malware scanners. According to the detections, it is a variant of Zbot (Zeus), a trojan that attempts to steal confidential information (online credentials and banking details) from a compromised computer and send it to online criminals via a command-and-control server.
Publisher:
Any-Video-Converter.com

Product:
bis

Description:
Vexable fuddy'

Version:
1.75.0065

MD5:
e31278aa00c4afdf8c5ecf795a2bf3ad

SHA-1:
ded05301f288f68826e5f3878b82eb3d584c3580

SHA-256:
77330ef54f4a50ca514376bf2482c1ea95aff1f65df5ed6e6d860034723f4946

Scanner detections:
36 / 68

Status:
Potentially unwanted

Analysis date:
4/23/2024 11:01:23 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Gen:Variant.Symmi.40052 | 856 |
| Agnitum Outpost | Backdoor.Androm | 7.1.1 |
| AhnLab V3 Security | Win-Trojan/MDA.140610 | 2014.09.18 |
| Avira AntiVirus | TR/Dropper.VB.12346 | 7.11.173.22 |
| avast! | Win32:Agent-ATGG [Trj] | 2014.9-141002 |
| AVG | Inject2 | 2015.0.3334 |
| Baidu Antivirus | Backdoor.Win32.Androm | 4.0.3.14102 |
| Bitdefender | Gen:Variant.Symmi.40052 | 1.0.20.1375 |
| Comodo Security | TrojWare.Win32.Injector.AREY | 19547 |
| Dr.Web | BackDoor.Andromeda.267 | 9.0.1.0275 |
| Emsisoft Anti-Malware | Gen:Variant.Symmi.40052 | 8.14.10.02.03 |
| ESET NOD32 | Win32/Injector.BCCG (variant) | 8.10437 |
| Fortinet FortiGate | W32/VB.ALO!tr | 10/2/2014 |
| F-Secure | Gen:Variant.Symmi.40052 | 11.2014-02-10_5 |
| G Data | Gen:Variant.Symmi.40052 | 14.10.24 |
| IKARUS anti.virus | Backdoor.Win32.Androm | t3scan.1.7.8.0 |
| K7 AntiVirus | Unwanted-Program | 13.183.13407 |
| Kaspersky | Backdoor.Win32.Androm | 14.0.0.3164 |
| Malwarebytes | Spyware.Zbot | v2014.10.02.03 |
| McAfee | PWSZbot-FLW!E31278AA00C4 | 5600.6990 |
| Microsoft Security Essentials | Worm:Win32/Gamarue | 1.11005 |
| MicroWorld eScan | Gen:Variant.Symmi.40052 | 15.0.0.825 |
| NANO AntiVirus | Trojan.Win32.Androm.cvbfpa | 0.28.2.62151 |
| Norman | Injector.GEXW | 11.20141002 |
| nProtect | Backdoor/W32.Androm.131072.Q | 14.09.18.01 |
| Panda Antivirus | Generic Malware | 14.10.02.03 |
| Qihoo 360 Security | Win32/Trojan.c3c | 1.0.0.1015 |
| Quick Heal | VirTool.VBInject.LE3 | 10.14.14.00 |
| Rising Antivirus | PE:Malware.XPACK-HIE/Heur!1.9C48 | 23.00.65.14930 |
| Sophos | Mal/VB-ALO | 4.98 |
| Trend Micro House Call | TROJ_GEN.F0C2C00C414 | 7.2.275 |
| Trend Micro | TROJ_GEN.F0C2C00C414 | 10.465.02 |
| Vba32 AntiVirus | Backdoor.Androm.dltc | 3.12.26.3 |
| VIPRE Antivirus | Trojan.Win32.Zbot.pj | 33224 |
| XVirus List | Win32.Detected | 2.10.2 |
| Zillya! Antivirus | Backdoor.Androm.Win32.6536 | 2.0.0.1926 |

File size:
128 KB (131,072 bytes)

Product version:
1.75.0065

Copyright:
Reconvey parachro coleopti 2002

Original file name:
Martialn.exe

File PE Metadata
Compilation timestamp:
3/2/2014 7:43:59 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
1536:N3u3dkudruF+NXVMz57NmU1XqnpRTYrJgmzzYtam/vtCulCfLE6eCT5qDf0g7kQD:NQkudruSXizPQTb4i5/vtCACgMNe

Entry address:
0x1340

Entry point:
68, 2C, 15, 40, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, A4, 4D, 4F, 3D, 17, 04, F9, 40, 9C, 5F, D1, B2, 3A, 25, 46, FD, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 43, 58, 22, 0D, 0A, 42, 66, 6C, 6F, 72, 75, 69, 74, 65, 64, 00, 72, 6D, 20, 4A, 61, 63, 00, 00, 00, 00, FF, CC, 31, 00, 01, FB, 0D, 34, 34, DE, 31, 3B, 4F, B3, 40, C4, 07, 97, 60, 96, 9F, 78, A9, FA, BA, BC, 93, D7, 49, 9D, 7B, B9, 2B, 13, 80, 39, CC, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
116 KB (118,784 bytes)
