» 1902_M~1.EXE
Overview
Analysis
File Details

1902_M~1.EXE

The executable 1902_M~1.EXE has been detected as malware by 36 anti-virus scanners.

File name:

1902_M~1.EXE

MD5:

cf204ccdab3b8af2672ee5151cfba367

SHA-1:

25dac6daed43cf77a5d9a67bd879c05aeb47e32f

SHA-256:

bdcf71890f41ed07f36da35803dc826f80f61cc96a79619de5b6246893ac3bc5

Scanner detections:

36 / 68

Status:

Malware

Analysis date:

5/11/2024 3:05:59 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.Generic.5526127

617

Agnitum Outpost

Trojan.VBKrypt

7.1.1

AhnLab V3 Security

Trojan/Win32.Xema

2014.10.10

Avira AntiVirus

TR/VBKrypt.akil

7.11.177.146

avast!

Win32:Kryptik-WR [Trj]

2014.9-150528

AVG

Generic20

2016.0.3095

Baidu Antivirus

Trojan.Win32.Dropper

4.0.3.15528

Bitdefender

Trojan.Generic.5526127

1.0.20.740

Bkav FE

W32.Clodbcd.Trojan

1.3.0.4959

Comodo Security

Heur.Suspicious

19755

Dr.Web

Win32.HLLW.Autoruner.51093

9.0.1.0148

Emsisoft Anti-Malware

Trojan.Generic.5526127

8.15.05.28.06

ESET NOD32

Win32/Sadlamnos

9.10542

Fortinet FortiGate

W32/VBKrypt.AGC!tr

5/28/2015

F-Prot

W32/MalwareF.WTDN

v6.4.7.1.166

F-Secure

Trojan.Generic.5526127

11.2015-28-05_5

G Data

Trojan.Generic.5526127

15.5.24

IKARUS anti.virus

Trojan-GameThief.Win32.OnLineGames

t3scan.1.7.8.0

K7 AntiVirus

Backdoor

13.183.13630

Kaspersky

Trojan-Dropper.Win32.VB

14.0.0.1971

McAfee

Artemis!CF204CCDAB3B

5600.6751

Microsoft Security Essentials

Trojan:Win32/Orsam!rts

1.11005

MicroWorld eScan

Trojan.Generic.5526127

16.0.0.444

NANO AntiVirus

Trojan.Win32.VBKrypt.dhoqd

0.28.2.62483

Norman

Suspicious_Gen2.GRJQA

11.20150528

nProtect

Trojan/W32.VBKrypt.262144.J

14.10.10.01

Panda Antivirus

Generic Trojan

15.05.28.06

Qihoo 360 Security

Win32/Trojan.Dropper.515

1.0.0.1015

Rising Antivirus

PE:Trojan.Win32.Generic.12702581!309339521

23.00.65.15526

Sophos

Mal/VB-QU

4.98

Trend Micro House Call

TROJ_SPNR.07JA11

7.2.148

Trend Micro

TROJ_SPNR.07JA11

10.465.28

Vba32 AntiVirus

Trojan.VBRA.0146

3.12.26.3

VIPRE Antivirus

Trojan.Win32.Meredrop

33794

ViRobot

Trojan.Win32.A.VBKrypt.262144.DI

2011.4.7.4223

Zillya! Antivirus

Trojan.VBKrypt.Win32.24669

2.0.0.1949

File size:

256 KB (262,144 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\1902_m~1.exe

File PE Metadata

Compilation timestamp:

12/25/2010 2:25:13 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

3072:0cQ70YAWlzsaBF0MElzdnug3OMJ9whymp5019fhIMfll6cNEYRxBdj9fjq:0cQFAWBFREDn31Oymp5UIiDllpfjq

Entry address:

0x14DC

Entry point:

68, 54, A0, 41, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 35, EB, 0F, CC, DB, 33, 2D, 4D, 95, 58, D6, DF, 2D, 9B, 8C, 7C, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 50, E3, 8A, 00, 50, 72, 6F, 6A, 65, 63, 74, 31, 00, C1, 40, 00, 08, C1, 40, 00, 00, 00, 00, 00, FF, CC, 31, 00, 01, B1, CC, 34, BB, 0E, AE, 3F, 4E, 92, 8B, 97, B4, 30, 0C, 33, 97, 8B, 19, 3D, 9D, 47, 8D, FA, 45, 8A, E7, A6, 22, 73, 55, 21, 7F, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00... 
[+]

Developed / compiled with:

Microsoft Visual Basic v5.0

Code size:

116 KB (118,784 bytes)

Remove 1902_M~1.EXE - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.