19dad6e2511ad428e01b1140e6f659d3_0.npb

The file 19dad6e2511ad428e01b1140e6f659d3_0.npb has been detected as malware by 34 anti-virus scanners.
MD5:
19dad6e2511ad428e01b1140e6f659d3

SHA-1:
25d3fcf8d05d481e45d9701121b4dcbdb09331ee

SHA-256:
bf0f68ad0f64ea86bda8d61ffb053a23e1367bfd4dc6b0e0fcf8dee8e5328996

Scanner detections:
34 / 68

Status:
Malware

Analysis date:
4/19/2024 8:17:26 AM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Gen:Variant.Symmi.37981 | 6434017
Agnitum Outpost | Trojan.Buzus | 7.1.1
AhnLab V3 Security | Worm/Win32.AutoRun | 2015.01.25
Avira AntiVirus | TR/Hijacker.Gen | 7.11.30.172
avast! | Perkesh-D [Rtk] | 150101-1
AVG | Citem | 2016.0.3219
Bitdefender | Gen:Variant.Symmi.37981 | 1.0.20.125
Bkav FE | W32.SysLiveNA195.Trojan | 1.3.0.6379
Clam AntiVirus | Win.Trojan.Buzus-2900 | 0.98/19974
Comodo Security | TrojWare.Win32.TrojanDownloader.Delf.gen | 20835
Dr.Web | Win32.HLLW.Autoruner.45767 | 9.0.1.05190
Emsisoft Anti-Malware | Gen:Variant.Symmi.37981 | 9.0.0.4799
ESET NOD32 | Win32/AutoRun.Delf.EP worm | 7.0.302.0
Fortinet FortiGate | W32/Delf.EP!worm | 1/25/2015
F-Prot | W32/Agent.S.gen | 4.6.5.141
F-Secure | Gen:Variant.Symmi.37981 | 5.13.68
G Data | Gen:Variant.Symmi.37981 | 15.1.24
IKARUS anti.virus | Trojan-PWS.Win32.Lmir | t3scan.1.8.6.0
K7 AntiVirus | EmailWorm | 13.192.14746
Kaspersky | Worm.Win32.AutoRun | 15.0.0.543
McAfee | BackDoor-DOQ.gen.y | 5600.6875
Microsoft Security Essentials | Threat.Undefined | 1.191.3191.0
MicroWorld eScan | Gen:Variant.Symmi.37981 | 16.0.0.75
NANO AntiVirus | Trojan.Win32.Buzus.bvuhs | 0.30.0.64812
Norman | Gen:Variant.Symmi.37981 | 02.01.2015 13:58:24
Panda Antivirus | Generic Malware | 15.01.25.01
Qihoo 360 Security | Malware.QVM05.Gen | 1.0.0.1015
Rising Antivirus | PE:Trojan.Killav!1.9EAB | 23.00.65.15123
Sophos | Virus 'Troj/Buzus-FX' | 5.09
Total Defense | Win32/ASuspect.HHAGU | 37.0.11402
Trend Micro House Call | WORM_YMINKY.SMRP | 7.2.25
Trend Micro | WORM_YMINKY.SMRP | 10.465.25
Vba32 AntiVirus | BScope.P2P-Worm.Palevo | 3.12.26.3
VIPRE Antivirus | Threat.4723989 | 36694

File size:
89.5 KB (91,648 bytes)

Common path:
C:\ProgramData\application data\net protector\npbkpn\19dad6e2511ad428e01b1140e6f659d3_0.npb

File PE Metadata
Compilation timestamp:
3/3/1997 12:12:11 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
1536:kzqXQhtG/NFXueOpBlF2WXmUXVqv/F4zFB2SrLSx4ii83yRcrXzBKUykE3:zWG/NFivRla+zD2SfSxTi83+yXzBK1kI

Entry address:
0xC694

Entry point:
55, 8B, EC, B9, 7B, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, 53, 56, 57, B8, 84, C5, 40, 00, E8, 60, 83, FF, FF, 33, C0, 55, 68, 19, E1, 40, 00, 64, FF, 30, 64, 89, 20, E8, 49, A7, FF, FF, E8, 04, 00, 00, 00, E8, EB, 0C, E8, 58, EB, 01, E8, 40, EB, 01, E8, FF, E0, E8, E8, 04, 00, 00, 00, E8, EB, 0C, E8, 58, EB, 01, E8, 40, EB, 01, E8, FF, E0, E8, 51, 31, C9, 67, E3, 01, E8, 59, 6A, 00, 6A, 00, 6A, 00, 6A, FF, E8, F4, 85, FF, FF, E8, E7, F8, FF, FF, 84, C0, 75, 0A, E8, 82, F8, FF, FF, 83, F8, 04, 75, 0B, 6A...
 

Entropy:
7.0168

Developed / compiled with:
Microsoft Visual C++

Code size:
54 KB (55,296 bytes)
