» 25.exe
Overview
Analysis
File Details

25.exe

SKYPE\Ben

The executable 25.exe has been detected as malware by 32 anti-virus scanners.

File name:

25.exe

Publisher:

SKYPE\Ben (signed and verified)

MD5:

4da05a06a716d1d17739daeeb1066c50

SHA-1:

ba80e2e85f75f3403959588668b80cd67fa4c223

SHA-256:

57b99d047c3b062b8d13b430bebc362d4f63a48659a53d05b1c4678e447207db

Scanner detections:

32 / 68

Status:

Malware

Analysis date:

4/26/2024 5:17:45 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.GenericKD.1493667

282

AhnLab V3 Security

Spyware/Win32.Zbot

16.04.28

Avira AntiVirus

TR/Rogue.1493667

7.11.146.234

avast!

MSIL:Agent-BCJ [Trj]

2014.9-160428

AVG

Generic35

2017.0.2760

Baidu Antivirus

Trojan.Win32.Llac

4.0.3.16428

Bitdefender

Trojan.GenericKD.1493667

1.0.20.595

Comodo Security

TrojWare.MSIL.Injector.CPE

18209

Dr.Web

Win32.HLLW.Autoruner.25074

9.0.1.0119

Emsisoft Anti-Malware

Trojan.GenericKD.1493667

8.16.04.28.09

ESET NOD32

MSIL/Injector.CMX (variant)

10.9752

Fortinet FortiGate

W32/Llac.DTMW!tr

4/28/2016

F-Secure

Trojan.GenericKD.1493667

11.2016-28-04_5

G Data

Trojan.GenericKD.1493667

16.4.24

IKARUS anti.virus

Trojan.Msil

t3scan.1.6.1.0

K7 AntiVirus

Trojan

13.177.11965

Kaspersky

HEUR:Trojan.Win32.Generic

14.0.0.293

Malwarebytes

Trojan.MSIL.Agent

v2016.04.28.09

McAfee

RDN/Generic.bfr!fr

5600.6416

Microsoft Security Essentials

Worm:Win32/Rebhip.A

1.10502

MicroWorld eScan

Trojan.GenericKD.1493667

17.0.0.357

NANO AntiVirus

Trojan.Win32.Llac.ctphln

0.28.0.59608

Norman

Rebhip.CEB

11.20160428

nProtect

Trojan.GenericKD.1493667

14.05.02.01

Panda Antivirus

Generic Malware

16.04.28.09

Qihoo 360 Security

HEUR/Malware.QVM03.Gen

1.0.0.1015

Sophos

Mal/MSIL-HD

4.98

Total Defense

Win32/Rebhip.eSYYTHC

37.0.10914

Trend Micro House Call

TROJ_GEN.F47V0109

7.2.119

Vba32 AntiVirus

Trojan.Llac

3.12.26.0

VIPRE Antivirus

Trojan.Win32.Generic

28810

Zillya! Antivirus

Trojan.Llac.Win32.45178

2.0.0.1775

File size:

615.9 KB (630,672 bytes)

File type:

Executable application (Win32 EXE)

Digital Signature

Signed by:

SKYPE\Ben

Authority:

SKYPE\Ben

Valid from:

1/3/2014 3:20:33 AM

Valid to:

1/3/2015 9:20:33 AM

Subject:

CN=SKYPE\Ben

Issuer:

CN=SKYPE\Ben

Serial number:

210176E5DA90CFAF414834CFA4273610

File PE Metadata

Compilation timestamp:

1/9/2014 7:50:41 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

12288:WRjtOKPLEbo/uSnfBPm2nhfrpAsk4BlK/59JkwXWv:M6o/LVhk2OTWv

Entry address:

0x8ACDE

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

6.4010

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

547.5 KB (560,640 bytes)

Remove 25.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.