2395252760322905022e.exe

The application 2395252760322905022e.exe has been detected as a potentially unwanted program by 12 anti-malware scanners. It runs as a Windows Task Scheduler task named DashNotes, triggered daily at a specified time.
MD5:
74ac344b2e117ec53ebaff4f9e579bd6

SHA-1:
0b358b8c24ff3d10855b484c2caa8434abfd091c

SHA-256:
72f030e3721a7bbf8efda6da1dc23e780eb3d99c66c1cf437399179f5da1698f

Scanner detections:
12 / 68

Status:
Potentially unwanted

Analysis date:
4/26/2024 12:29:12 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| avast! | Win32:Evo-gen [Susp] | 160214-1 |
| AVG | Could be an adware AdLoad | 2015.0.4530 |
| Dr.Web | Trojan.PWS.Qqpass.11516 | 9.0.1.05190 |
| Emsisoft Anti-Malware | Gen:Variant.Adware.Kazy.706377 | 10.0.0.5366 |
| ESET NOD32 | Win32/Adware.MultiPlug.NQ application | 7.0.302.0 |
| F-Secure | Variant.Adware.Kazy | 5.15.21 |
| Kaspersky | not-a-virus:AdWare.Win32.MultiPlug | 15.0.0.562 |
| McAfee | Program.MultiPlug | 18.0.204.0 |
| Microsoft Security Essentials | Threat.Undefined | 1.213.6222.0 |
| Norman | Gen:Variant.Adware.Kazy.706377 | 13.02.2016 01:47:07 |
| Sophos | PUA 'MultiPlug' (of type Adware) | 5.23 |
| VIPRE Antivirus | Threat.5180739 | 47086 |

File size:
317 KB (324,608 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\ProgramData\{9f99b884-8523-1d0c-9f99-9b884852e212}\2395252760322905022e.exe

File PE Metadata
Compilation timestamp:
1/9/2012 8:52:47 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
6144:j9irth1yc/mOjKvU85506OaJMg7EuWSBIMjuxOhicnSI:j9irZj/KvUKdOu/RBLuxCSI

Entry address:
0x1820

Entry point:
55, 89, E5, E8, 18, FD, FF, FF, 5D, E9, 62, 3E, 00, 00, CC, CC, 55, 89, E5, 53, 57, 56, 81, E4, FC, FF, FF, FF, 81, EC, 64, 09, 00, 00, 89, C0, 89, DB, 89, C9, 89, D2, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 8B, 45, 08, 89, 44, 24, 04, C7, 44, 24, 08, 05, 00, 00, 00, 8D, B4, 24, 4F, 01, 00, 00, 89, 34, 24, E8, D0, 0F, 00, 00...
 

Entropy:
6.6889

Code size:
18 KB (18,432 bytes)

Scheduled Task
Task name:
DashNotes

Trigger:
Daily (Runs daily at 3:54 AM)

