» 268ac02e14886b5e8fa0bde4f9775155.exe
Overview
Analysis
File Details

268ac02e14886b5e8fa0bde4f9775155.exe

Shadow Crypter Launcher

The executable 268ac02e14886b5e8fa0bde4f9775155.exe has been detected as malware by 19 anti-virus scanners.

File name:

Publisher:

Shadow Crypter Launcher

Product:

Shadow Crypter Launcher

Version:

1.0.0.0

MD5:

268ac02e14886b5e8fa0bde4f9775155

SHA-1:

8d7ccc7bf1892d74311f17cb326cc66fc13b1d18

SHA-256:

a738846f09b37b2735a3325de332058f441769a91689bfa4a24a78a704e54ca7

Scanner detections:

19 / 68

Status:

Malware

Analysis date:

4/25/2024 11:06:32 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.Generic.11592326

835

Avira AntiVirus

TR/Dropper.MSIL.Gen

7.11.180.144

AVG

MSIL4

2015.0.3313

Baidu Antivirus

Hacktool.MSIL.NetSeal

4.0.3.141022

Bitdefender

Trojan.Generic.11592326

1.0.20.1475

Emsisoft Anti-Malware

Trojan.Generic.11592326

8.14.10.22.06

ESET NOD32

MSIL/Packed.NetSeal (variant)

8.10603

F-Secure

Trojan.Generic.11592326

11.2014-22-10_4

G Data

Trojan.Generic.11592326

14.10.24

IKARUS anti.virus

Trojan.Dropper

t3scan.1.7.8.0

McAfee

Artemis!268AC02E1488

5600.6969

MicroWorld eScan

Trojan.Generic.11592326

15.0.0.885

NANO AntiVirus

Trojan.Win32.PassView.dbsgiq

0.28.2.62841

Norman

Obfuscated.gen!r

11.20141022

nProtect

Trojan.Generic.11592326

14.10.22.01

Sophos

Generic PUA IN

4.98

Trend Micro House Call

TROJ_GEN.R0CBC0OH514

7.2.295

Trend Micro

TROJ_GEN.R0CBC0OH514

10.465.22

VIPRE Antivirus

Trojan.Win32.Generic

34144

File size:

256.5 KB (262,656 bytes)

Product version:

1.0.0.0

Original file name:

Shadow Crypter Launcher.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

File PE Metadata

Compilation timestamp:

5/29/2014 4:43:00 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

3072:jmfaDJybvXFUhNkTmDh35VnWZJaD0drLRbab+MnEE1Ny7ce7xvT5ktF7biSjN5AH:jNkyDZ5cC0d9ZEfMLhY7lHZlME

Entry address:

0x26BAE

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 04, 00, 03, 00, 00, 00, 30, 00, 00, 80, 0E, 00, 00, 00, 78, 00, 00, 80, 10, 00, 00, 00, 90, 00, 00, 80, 18, 00, 00, 00, A8, 00... 
[+]

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

147 KB (150,528 bytes)

Remove 268ac02e14886b5e8fa0bde4f9775155.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.