» {1fe7f108-c61c-4ea6-959d-25527148c589}
Overview
Analysis
File Details

{1fe7f108-c61c-4ea6-959d-25527148c589}

MSN Security Guard Install

Just Orange

The file {1fe7f108-c61c-4ea6-959d-25527148c589} has been detected as malware by 41 anti-virus scanners.

File name:

Publisher:

Just Orange

Product:

MSN Security Guard Install

Version:

3.1.4.308

MD5:

68113bbdabb5ffb77461abfc88469ae1

SHA-1:

e97df5b219c002a96869af7691d43a84c5c64517

SHA-256:

63435c33e7950af24ef48900f58dfa48f497e0049bb4b08f97a95888df15ecd4

Scanner detections:

41 / 68

Status:

Malware

Analysis date:

4/19/2024 11:10:21 PM UTC (a few moments ago)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Barys.501

856

Agnitum Outpost

Trojan.Farfli.Gen.2

7.1.1

AhnLab V3 Security

Dropper/Win32.OnlineGameHack

2014.08.05

Avira AntiVirus

TR/Spy.A.8379

7.11.165.42

avast!

Win32:Farfli-R [Trj]

2014.9-141002

AVG

Dropper.Generic6

2015.0.3334

Baidu Antivirus

Trojan.Win32.Generic

4.0.3.14102

Bitdefender

Gen:Variant.Barys.501

1.0.20.1375

Bkav FE

W32.GenericFarfliK.Trojan

1.3.0.4959

Clam AntiVirus

WIN.Trojan.Agent-164706

0.98/21411

Comodo Security

TrojWare.Win32.GameThief.Magania.~FEA

19083

Dr.Web

Trojan.DownLoader6.55308

9.0.1.0275

Emsisoft Anti-Malware

Gen:Variant.Barys.501

8.14.10.02.03

ESET NOD32

Win32/Farfli.HO (variant)

8.10201

Fortinet FortiGate

W32/OnLineGames.GD!tr.pws

10/2/2014

F-Prot

W32/OnlineGames.GR.gen

v6.4.7.1.166

F-Secure

Gen:Variant.Barys.501

11.2014-02-10_5

G Data

Gen:Variant.Barys.501

14.10.24

IKARUS anti.virus

Trojan-Dropper.Win32.Farfli

t3scan.1.6.1.0

K7 AntiVirus

Riskware

13.182.12945

Kaspersky

HEUR:Trojan.Win32.Generic

14.0.0.3164

Malwarebytes

Worm.Magania

v2014.10.02.03

McAfee

RDN/Generic Dropper!ty

5600.6990

Microsoft Security Essentials

TrojanDropper:Win32/Farfli.F

1.10802

MicroWorld eScan

Gen:Variant.Barys.501

15.0.0.825

NANO AntiVirus

Trojan.Win32.Farfli.bcazde

0.28.2.61349

Norman

Farfli.EAU

11.20141002

nProtect

Trojan-PWS/W32.WebGame.278528.AA

14.08.04.01

Panda Antivirus

Trj/Genetic.gen

14.10.02.03

Qihoo 360 Security

Backdoor.Win32.Agent.JT

1.0.0.1015

Quick Heal

BackDoor.FarFli.R2

10.14.14.00

Rising Antivirus

PE:Trojan.Win32.Generic.131BDA12!320592402

23.00.65.14930

Sophos

Mal/Agent-AEM

4.98

SUPERAntiSpyware

Trojan.Agent/Gen-Farfli[OJ]

10325

Total Defense

Win32/Gamepass.QIS

37.0.11099

Trend Micro House Call

TROJ_JORIK.SME4

7.2.275

Trend Micro

TROJ_JORIK.SME4

10.465.02

Vba32 AntiVirus

Trojan.RemAcs.14105

3.12.26.3

VIPRE Antivirus

Trojan.Win32.Farfli.F

31916

ViRobot

Trojan.Win32.Injector.278528

2011.4.7.4223

XVirus List

Win32.Detected

2.10.2

File size:

272 KB (278,528 bytes)

Product version:

3.1.4.308

Original file name:

Install.exe

File PE Metadata

Compilation timestamp:

9/11/2012 8:12:32 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

6144:HIcUTKTk+b1aOib9c5RMpohpczXm/QRBvN:vk+YBZZpo4zXoChN

Entry address:

0x58EC

Entry point:

55, 8B, EC, 6A, FF, 68, 38, 41, 40, 00, 68, 18, 73, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, 54, 10, 40, 00, 33, D2, 8A, D4, 89, 15, 2C, B0, 40, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, 28, B0, 40, 00, C1, E1, 08, 03, CA, 89, 0D, 24, B0, 40, 00, C1, E8, 10, A3, 20, B0, 40, 00, 6A, 01, E8, 66, 19, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, C3, 00, 00, 00, 59, E8, A8, 04, 00, 00, 85, C0, 75, 08, 6A, 10, E8, B2, 00, 00, 00, 59, 33, F6, 89, 75... 
[+]

Developed / compiled with:

Microsoft Visual C++ v6.0

Remove {1fe7f108-c61c-4ea6-959d-25527148c589} - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.