home

170316_006.exe

Marquardt-Littel, Security Product

The executable 170316_006.exe, “Marquardt-Littel, Security Product” has been detected as malware by 12 anti-virus scanners.
Publisher:
Marquardt-Littel, Security Product

Description:
Marquardt-Littel, Security Product

Version:
13.16.19.10

MD5:
3bceadd4c2c546aba24e24307f1defcd

SHA-1:
81e4110a72821a1b1f01a3f3a8bf89188af40067

SHA-256:
8ab65ceef6b8a5d2d0c0fb3ddbe1c1756b5c224bafc8065c161424d63937721c

Scanner detections:
12 / 68

Status:
Malware

Analysis date:
4/26/2024 9:37:55 AM UTC  (today)

Scan engine
Detection
Engine version

AegisLab AV Signature
Ml.Attribute.Gen!c
2.1.4+

AhnLab V3 Security
Trojan/Win32.Crypted.C1859520
3.8.3.16

avast!
Win32:Malware-gen
2014.9-170316

AVG
GenericX
2018.0.2438

Baidu Antivirus
Win32.Trojan.WisdomEyes.16070401.9500
4.0.3.17316

Dr.Web
Trojan.Encoder.10477
9.0.1.075

ESET NOD32
Win32/Filecoder.HydraCrypt
11.15095

Kaspersky
Trojan.Win32.Reconyc
14.0.0.-1317

Malwarebytes
Ransom.Revenge
v2017.03.16.07

McAfee
Artemis!3BCEADD4C2C5
5600.6094

Qihoo 360 Security
HEUR/QVM10.1.0000.Malware.Gen
1.0.0.1120

Rising Antivirus
Trojan.Cryptoshield!1.A960 (classic)
23.00.65.17314

File size:
113.5 KB (116,224 bytes)

Product version:
13.16.19.10

Copyright:
Marquardt-Littel, Security Product

File type:
Executable application (Win32 EXE)

Language:
Breton (France)

Common path:
C:\users\{user}\downloads\170316_006.exe

File PE Metadata
Compilation timestamp:
3/15/2017 9:36:51 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

Entry address:
0x100F

Entry point:
E8, 88, 12, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, 50, C2, 40, 00, E8, 9B, 17, 00, 00, E8, 55, 14, 00, 00, 0F, B7, F0, 6A, 02, E8, 1B, 12, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, FC, 0B, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8...
 
[+]

Code size:
27.5 KB (28,160 bytes)

Remove 170316_006.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.