» {202b4d34-822c-8d8e-c201-5371690075bc}-4c6b03e.exe
Overview
Analysis
File Details

{202b4d34-822c-8d8e-c201-5371690075bc}-4c6b03e.exe

The executable {202b4d34-822c-8d8e-c201-5371690075bc}-4c6b03e.exe has been detected as malware by 16 anti-virus scanners.

File name:

MD5:

db10cb1bc513650768ca8133867ee03d

SHA-1:

edbcd526d4b9995cba893306e8d6852d5fb8957f

SHA-256:

db2b74b0afabdea55307a9dbeb8f669ffd1cd40bf379d32a9f0bd69e94b5aefb

Scanner detections:

16 / 68

Status:

Malware

Analysis date:

4/25/2024 10:22:34 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.GenericKD.1984695

5829361

Avira AntiVirus

TR/Crypt.ZPACK.98173

7.11.188.92

AVG

FileCryptor

2015.0.3281

Bitdefender

Trojan.GenericKD.1984695

1.0.20.1635

Dr.Web

Trojan.Encoder.514

9.0.1.05190

Emsisoft Anti-Malware

Trojan.GenericKD.1984695

9.0.0.4570

F-Secure

Trojan.GenericKD.1984695

11.2014-23-11_1

G Data

Trojan.GenericKD.1984695

14.11.24

IKARUS anti.virus

Trojan-Dropper.Win32.Inject

t3scan.1.8.3.0

Kaspersky

Trojan-Dropper.Win32.Injector

15.0.0.543

McAfee

Generic.uo

5600.6937

MicroWorld eScan

Trojan.GenericKD.1984695

15.0.0.981

NANO AntiVirus

Trojan.Win32.Injector.djcadz

0.28.6.63474

nProtect

Trojan.GenericKD.1984695

14.11.21.01

Quick Heal

TrojanDropper.Injector.r4

11.14.14.00

Sophos

Troj/Wonton-JF

4.98

File size:

160.9 KB (164,735 bytes)

File type:

Executable application (Win64 EXE)

Common path:

C:\ProgramData\microsoft\microsoft antimalware\localcopy\{202b4d34-822c-8d8e-c201-5371690075bc}-4c6b03e.exe

File PE Metadata

OS bitness:

Win64

CTPH (ssdeep):

3072:ZFsd4WPWiNX9uisLSbSwYlsiLpo92dlBL:ZyFBlCSTYlsip60r

Entry point:

B2, A5, 6F, FF, FC, FF, FF, FF, FB, FF, FF, FF, 00, 00, FF, FF, 47, FF, FF, FF, FF, FF, FF, FF, BF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, 07, FF, FF, FF, F1, E0, 45, F1, FF, 4B, F6, 32, DE, 47, FE, B3, 32, DE, AB, 97, 96, 8C, DF, 8F, 8D, 90, 98, 8D, 9E, 92, DF, 9C, 9E, 91, 91, 90, 8B, DF, 9D, 9A, DF, 8D, 8A, 91, DF, 96, 91, DF, BB, B0, AC, DF, 92, 90, 9B, 9A, D1, F2, F2, F5, DB, FF, FF, FF, FF, FF, FF, FF... 
[+]

Entropy:

7.4018

Remove {202b4d34-822c-8d8e-c201-5371690075bc}-4c6b03e.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.