» {199803cf-52d9-4c80-83b9-313442ec3a29}
Overview
Analysis
File Details

{199803cf-52d9-4c80-83b9-313442ec3a29}

agb6ky62TNM12

aWh7gQXiCLS

The file {199803cf-52d9-4c80-83b9-313442ec3a29} has been detected as malware by 28 anti-virus scanners.

File name:

Publisher:

aWh7gQXiCLS

Product:

agb6ky62TNM12

Description:

aBDboXXYYkv

Version:

6.7.9.38

MD5:

eaacb9bc2e31e6c69ca24aa9bb8ce834

SHA-1:

5e044d3b51e331fd332124f4d1500db23f0f1e20

SHA-256:

d42866cb5aee5080e51f369efcf05758f08b39d0fac7e3a1f785423a51ad4f55

Scanner detections:

28 / 68

Status:

Malware

Analysis date:

4/25/2024 9:45:14 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.GenericKD.1615274

856

Avira AntiVirus

TR/Dropper.MSIL.Gen

7.11.143.120

avast!

Win32:Malware-gen

2014.9-141002

AVG

MSIL2

2015.0.3334

Baidu Antivirus

Trojan.MSIL.Injector

4.0.3.14102

Bitdefender

Trojan.GenericKD.1615274

1.0.20.1375

Comodo Security

UnclassifiedMalware

18107

Dr.Web

Trojan.Starter.2890

9.0.1.0275

Emsisoft Anti-Malware

Trojan.GenericKD.1615274

8.14.10.02.03

ESET NOD32

MSIL/Injector.CKN (variant)

8.9677

Fortinet FortiGate

MSIL/Injector.CKN!tr

10/2/2014

F-Secure

Trojan.GenericKD.1615274

11.2014-02-10_5

G Data

Trojan.GenericKD.1615274

14.10.24

IKARUS anti.virus

Trojan.MSIL2

t3scan.1.6.1.0

K7 AntiVirus

Trojan

13.176.11755

Malwarebytes

Trojan.MSIL.RN

v2014.10.02.03

McAfee

RDN/Generic.dx!d2c

5600.6990

MicroWorld eScan

Trojan.GenericKD.1615274

15.0.0.825

NANO AntiVirus

Trojan.Win32.Starter.cwculo

0.28.0.59288

Norman

Troj_Generic.TDWQD

11.20141002

nProtect

Trojan.GenericKD.1615274

14.04.14.02

Panda Antivirus

Generic Malware

14.10.02.03

Qihoo 360 Security

HEUR/Malware.QVM03.Gen

1.0.0.1015

Sophos

Mal/Generic-S

4.98

Trend Micro House Call

TROJ_GEN.R0CBC0OCV14

7.2.275

Trend Micro

TROJ_GEN.R0CBC0OCV14

10.465.02

VIPRE Antivirus

Trojan.Win32.Generic

28244

XVirus List

Win32.Detected

2.10.2

File size:

488.5 KB (500,224 bytes)

Product version:

6.7.9.38

Trademarks:

aEcOpQltIJTojj

Original file name:

raniii.exe

File PE Metadata

Compilation timestamp:

3/18/2014 4:15:12 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

12288:XJ1DrGFeuGSWOP8r6L/5s9ho6d/lGX7L5uJYqf8lb4iAPW:XJFGAueOP8rORsc6d/lGX7L5uJYqf8lr

Entry address:

0x7B43E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

485.5 KB (497,152 bytes)

Remove {199803cf-52d9-4c80-83b9-313442ec3a29} - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.