292299b9.exe

The executable 292299b9.exe has been detected as malware by 10 anti-virus scanners.
MD5:
002dd8ef32834c9a1492542bdfd7b58b

SHA-1:
86b1ad24fc0d693252b058593276eb54b9f965e4

SHA-256:
f641fa804bbea1587f53a4e884d2f7666b37087550b422326e8aafb662d0c60a

Scanner detections:
10 / 68

Status:
Malware

Analysis date:
4/26/2024 5:10:20 PM UTC

Scan engine                     Detection                          Engine version
avast!                          Win32:Shifu-D [Trj]                160119-0
AVG                             Win32/Heim                         2015.0.4489
Emsisoft Anti-Malware           Trojan.Cripack.Gen                 10.0.0.5366
ESET NOD32                      Win32/Kryptik.DXVF trojan          7.0.302.0
Kaspersky                       Backdoor.Win32.Androm              15.0.0.562
McAfee                          Trojan.GenericR-EOY!002DD8EF3283   18.0.204.0
Microsoft Security Essentials   Threat.Undefined                   1.213.5020.0
Norman                          Trojan.Cripack.Gen.1               03.12.2014 13:20:04
Sophos                          Virus 'Mal/Tinba-Q'                5.22
VIPRE Antivirus                 Threat.4150696                     46838

File size:
196 KB (200,704 bytes)

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\ProgramData\292299b9.exe

File PE Metadata
Compilation timestamp:
5/8/2007 2:35:33 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:nFSbbaOCPCOrJrG9vnyJ+Rnr+m6ivXBuWaGsnqrGp5sKx7wtJYU4YZDX9BaF7:sKPDrgFyJUqm6oRubGsqrMt7EulYZDX

Entry address:
0x2B4F6

Entry point:
6A, 70, 68, 50, C2, 42, 00, E8, DE, 01, 00, 00, 33, DB, 53, 8B, 3D, 18, C0, 42, 00, FF, D7, 66, 81, 38, 4D, 5A, 75, 1F, 8B, 48, 3C, 03, C8, 81, 39, 50, 45, 00, 00, 75, 12, 0F, B7, 41, 18, 3D, 0B, 01, 00, 00, 74, 1F, 3D, 0B, 02, 00, 00, 74, 05, 89, 5D, E4, EB, 27, 83, B9, 84, 00, 00, 00, 0E, 76, F2, 33, C0, 39, 99, F8, 00, 00, 00, EB, 0E, 83, 79, 74, 0E, 76, E2, 33, C0, 39, 99, E8, 00, 00, 00, 0F, 95, C0, 89, 45, E4, 89, 5D, FC, 6A, 02, FF, 15, D4, C1, 42, 00, 59, 83, 0D, 48, 21, 46, 00, FF, 83, 0D, 4C, 21...
 

Entropy:
7.6218

Developed / compiled with:
Microsoft Visual C++ v7.1

Code size:
172 KB (176,128 bytes)
