{2157ce91-bbb5-4540-b057-8d00e1f68fde}

The file {2157ce91-bbb5-4540-b057-8d00e1f68fde} has been detected as malware by 34 anti-virus scanners. This backdoor trojan may be used to conduct distributed denial-of-service attacks, to install additional trojans or other forms of malicious software, and to steal sensitive information.
MD5:
d3720f8e4daa0a1d423c68f7f9c6af08

SHA-1:
085feb2f083bfc8d5ed8f071643e7f7af9e5d800

SHA-256:
1151258e032f0119470d0e77c6ec6d93b0b5ebd515976c6ae7a519ea86273b7e

Scanner detections:
34 / 68

Status:
Malware

Analysis date:
4/20/2024 12:11:11 AM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Gen:Variant.Barys.7801 | 856
Agnitum Outpost | Trojan.RatJn.Gen.MG | 7.1.1
AhnLab V3 Security | Trojan/Win32.Generic | 2014.09.14
Avira AntiVirus | TR/ATRAPS.Gen | 7.11.171.238
avast! | Win32:Dropper-NOK [Drp] | 2014.9-141002
AVG | PSW.ILUSpy | 2015.0.3334
Bitdefender | Gen:Variant.Barys.7801 | 1.0.20.1375
Comodo Security | TrojWare.MSIL.Bladabindi.KX | 19509
Dr.Web | Trojan.DownLoader10.20442 | 9.0.1.0275
Emsisoft Anti-Malware | Gen:Variant.Barys.7801 | 8.14.10.02.03
ESET NOD32 | MSIL/Bladabindi (variant) | 8.10414
Fortinet FortiGate | MSIL/Agent.PPV!tr | 10/2/2014
F-Prot | W32/MSIL_Bladabindi.A2.gen | v6.4.7.1.166
F-Secure | Gen:Variant.Barys.7801 | 11.2014-02-10_5
G Data | Gen:Variant.Barys.7801 | 14.10.24
IKARUS anti.virus | Trojan.Msil | t3scan.1.7.8.0
K7 AntiVirus | Trojan | 13.183.13358
Kaspersky | HEUR:Trojan.Win32.Generic | 14.0.0.3164
Malwarebytes | Backdoor.Bot.MSIL | v2014.10.02.03
McAfee | BackDoor-NJRat!D3720F8E4DAA | 5600.6990
Microsoft Security Essentials | Backdoor:MSIL/Bladabindi.AJ | 1.10904
MicroWorld eScan | Gen:Variant.Barys.7801 | 15.0.0.825
NANO AntiVirus | Trojan.Win32.DownLoader10.ctopxm | 0.28.2.61942
Panda Antivirus | Trj/CI.A | 14.10.02.03
Qihoo 360 Security | Win32/Trojan.81a | 1.0.0.1015
Quick Heal | Backdoor.Bladabindi.AL3 | 10.14.14.00
Rising Antivirus | PE:Backdoor.MSIL.Bladabindi!1.9DE6 | 23.00.65.14930
Sophos | Mal/Bbindi-C | 4.98
SUPERAntiSpyware | Trojan.Agent/Gen-Barys | 10325
Total Defense | Win32/DotNetDl.A!generic | 37.0.11180
Trend Micro House Call | BKDR_BLADABI.SMC | 7.2.275
Trend Micro | BKDR_BLADABI.SMC | 10.465.02
VIPRE Antivirus | Backdoor.MSIL.Bladabindi.a | 33102
Zillya! Antivirus | Trojan.Bladabindi.Win32.15180 | 2.0.0.1921

File size:
28.5 KB (29,184 bytes)

File PE Metadata
Compilation timestamp:
9/12/2014 5:40:31 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
384:/Yhg1hHN4uF7bxFBfXnmW4rv2Ymyhloidh1/cvG393XMP0LE2oGzEfbigvxwzNfv:bDFZFxXMvgyhi6mvG3xXc0LSffbUcBa

Entry address:
0x892E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
26.5 KB (27,136 bytes)
