» {1b5b8f16-c345-4fba-b7ce-adbcee50b2e3}
Overview
Analysis
File Details

{1b5b8f16-c345-4fba-b7ce-adbcee50b2e3}

The file {1b5b8f16-c345-4fba-b7ce-adbcee50b2e3} has been detected as a potentially unwanted program by 34 anti-malware scanners. According to AVG, this software downloads additional adware offers during setup.

File name:

MD5:

55971468d44de15c14dc7c70765f38a7

SHA-1:

9e6a29e651d092a12bd15a5ca01943e556a7bab0

SHA-256:

5809b5d6ac2ce404b98e56c0c786fd621b7775bc6a347b910e21c7571ca10374

Scanner detections:

34 / 68

Status:

Potentially unwanted

Analysis date:

4/19/2024 3:03:05 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.GenericKD.1839126

856

Agnitum Outpost

Riskware.Hoax

7.1.1

AhnLab V3 Security

Trojan/Win32.Upatre

2014.09.12

Avira AntiVirus

TR/Waski.yat

7.11.171.172

avast!

Win32:Trojan-gen

2014.9-141002

AVG

Downloader.Generic14

2015.0.3334

Baidu Antivirus

Trojan.Win32.BadJoke

4.0.3.14102

Bitdefender

Trojan.GenericKD.1839126

1.0.20.1375

Comodo Security

TrojWare.Win32.Waski.~A

19481

Dr.Web

Trojan.DownLoader11.30380

9.0.1.0275

Emsisoft Anti-Malware

Trojan-Downloader.Win32.Waski

8.14.10.02.03

ESET NOD32

Win32/TrojanDownloader.Waski

8.10402

Fortinet FortiGate

W32/UPATRE.YYOY!tr

10/2/2014

F-Secure

Trojan.GenericKD.1839126

11.2014-02-10_5

G Data

Trojan.GenericKD.1839126

14.10.24

IKARUS anti.virus

Trojan-Spy.Zbot

t3scan.1.7.8.0

K7 AntiVirus

Trojan

13.183.13345

Kaspersky

Hoax.Win32.ArchSMS

14.0.0.3164

Malwarebytes

Trojan.Upatre

v2014.10.02.03

McAfee

Downloader-FAIC

5600.6990

Microsoft Security Essentials

TrojanDownloader:Win32/Upatre.AA

1.10904

MicroWorld eScan

Trojan.GenericKD.1839126

15.0.0.825

NANO AntiVirus

Trojan.Win32.DownLoader11.demjyo

0.28.2.61942

Norman

Upatre.EP

11.20141002

nProtect

Trojan.GenericKD.1839126

14.09.11.01

Panda Antivirus

Trj/Chgt.E

14.10.02.03

Qihoo 360 Security

HEUR/Malware.QVM20.Gen

1.0.0.1015

Quick Heal

TrojanDownloader.Upatre.r4

10.14.14.00

Sophos

Troj/Agent-AIRU

4.98

SUPERAntiSpyware

Trojan.Agent/Gen-Magania

10325

Total Defense

Win32/Upatre.OUJMJW

37.0.11174

Trend Micro House Call

TROJ_UPATRE.YYO

7.2.275

Trend Micro

TROJ_UPATRE.YYO

10.465.02

VIPRE Antivirus

Trojan.Win32.Generic.pak!cobra

33014

File size:

22.5 KB (23,040 bytes)

File PE Metadata

Compilation timestamp:

6/21/1979 3:13:35 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

384:RhuaDpmrSTFx92tjsVet0aSPd8unjfe68t:adroX2aVeSaSFzjfUt

Entry address:

0x2600

Entry point:

B8, 80, 55, 40, 00, 50, E8, 65, 10, 00, 00, C3, CC, CC, CC, CC, 8B, 06, E9, D9, F9, FF, FF, CC, 08, 8B, FF, 83, 40, 15, 08, 40, 15, 45, CC, 00, 15, 08, FF, FF, 55, 83, 83, 6A, 8B, 83, 40, 45, 83, 30, 00, 6A, 6A, 00, 8B, 83, 40, 30, 40, 30, 15, 15, 83, 83, 00, 83, 40, 40, 08, 83, 6A, 45, 45, 30, 45, 08, 83, 15, 55, 83, 6A, 00, 6A, 83, 30, 8B, 15, 40, 55, 00, 55, 55, 45, 40, 40, 6A, 15, 40, 00, 00, 00, 00, 15, 15, 00, 30, 45, 55, 83, 83, FF, 8B, 6A, 83, CC, 45, 8B, 08, 00, 00, 08, 55, 08, 00, 08, FF, 83, 40... 
[+]

Code size:

10.5 KB (10,752 bytes)

Remove {1b5b8f16-c345-4fba-b7ce-adbcee50b2e3} - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.