home

28beb999b12b1e8d270130e1c0725353

GreekWiFi

X-Lame TM

The file 28beb999b12b1e8d270130e1c0725353, “GreekWiFi - Security testing tool for WiFi routers provided by Greek ISPs” has been detected as malware by 22 anti-virus scanners.
Publisher:
X-Lame TM

Product:
GreekWiFi

Description:
GreekWiFi - Security testing tool for WiFi routers provided by Greek ISPs

Version:
3.00.0153

MD5:
28beb999b12b1e8d270130e1c0725353

SHA-1:
5f73560db60acdcc795752a99f259aa39187f3fb

SHA-256:
627c1eb0ac061042b84405bf008ea5b95600aecf015296419260dbc7fc9e3ef7

Scanner detections:
22 / 68

Status:
Malware

Analysis date:
4/25/2024 8:43:09 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Trojan.GenericKD.1983311
804

AhnLab V3 Security
Malware/Win32.Generic
2014.11.20

Avira AntiVirus
TR/Dropper.MSIL.97821
7.11.187.188

avast!
MSIL:Kryptik-AR [Trj]
2014.9-141123

AVG
MSIL5
2015.0.3282

Baidu Antivirus
Trojan.MSIL.Kryptik
4.0.3.141123

Bitdefender
Trojan.GenericKD.1983311
1.0.20.1635

Dr.Web
BackDoor.Comet.1783
9.0.1.0327

Emsisoft Anti-Malware
Trojan.MSIL.Agent
8.14.11.23.09

ESET NOD32
MSIL/Kryptik.ANZ (variant)
8.10752

F-Secure
Trojan.GenericKD.1983311
11.2014-23-11_1

G Data
Trojan.GenericKD.1983311
14.11.24

IKARUS anti.virus
Backdoor.Win32.DarkKomet
t3scan.1.8.3.0

Kaspersky
Backdoor.Win32.DarkKomet
14.0.0.2903

Malwarebytes
Trojan.FakeWI
v2014.11.23.09

McAfee
Artemis!28BEB999B12B
5600.6938

MicroWorld eScan
Trojan.GenericKD.1983311
15.0.0.981

NANO AntiVirus
Trojan.Win32.Comet.djcecm
0.28.6.63474

nProtect
Trojan.GenericKD.1983311
14.11.20.01

Qihoo 360 Security
HEUR/QVM03.0.Malware.Gen
1.0.0.1015

Sophos
Mal/Generic-S
4.98

Trend Micro House Call
Suspicious_GEN.F47V1119
7.2.327

File size:
1.5 MB (1,537,024 bytes)

Product version:
3.00.0153

Original file name:
GreekWiFi.exe

Language:
English (United States)

Common path:
C:\users\{user}\downloads\91\28beb999b12b1e8d270130e1c0725353

File PE Metadata
Compilation timestamp:
11/13/2014 4:37:52 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
24576:eT57iMe/2CpSgehIIjsOA3JYW7wCQVYNN0SQCAklR7dyL:eTgND7eh9oJCTYNmSQtklVUL

Entry address:
0x16755E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.8429

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
1.4 MB (1,463,808 bytes)

Remove 28beb999b12b1e8d270130e1c0725353 - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.