» {2e6dddf7-0abe-4f62-81bd-af6d25e187cc}
Overview
Analysis
File Details

{2e6dddf7-0abe-4f62-81bd-af6d25e187cc}

The file {2e6dddf7-0abe-4f62-81bd-af6d25e187cc} has been detected as malware by 35 anti-virus scanners. This backdoor trojan may be used to conduct distributed denial of service attacks, or used to install additional trojans or other forms of malicious software as well as can steal your sensitive information.

File name:

Version:

0.0.0.0

MD5:

39118e7585bc7f89e36f3350f76896f0

SHA-1:

7b445c381cc91ab5bf86d6688432f019c032e6e2

SHA-256:

579ff462d69c54b6dd81c584c6a83a32702181fb847e52d50026bd3be11d4711

Scanner detections:

35 / 68

Status:

Malware

Analysis date:

4/26/2024 11:16:45 PM UTC (a few moments ago)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Barys.20525

856

Agnitum Outpost

Backdoor.Agent

7.1.1

AhnLab V3 Security

Trojan/Win32.Bladabindi

2014.06.10

Avira AntiVirus

BDS/Bladabindi.bcgj

7.11.153.246

avast!

MSIL:Agent-BXF [Trj]

2014.9-141002

AVG

Dropper.Msil

2015.0.3334

Baidu Antivirus

Trojan.MSIL.Binder

4.0.3.14102

Bitdefender

Gen:Variant.Barys.20525

1.0.20.1375

Comodo Security

TrojWare.MSIL.Binder.BCA

18496

Dr.Web

Win32.HLLW.Autoruner.25074

9.0.1.0275

Emsisoft Anti-Malware

Gen:Variant.Barys.20525

8.14.10.02.04

ESET NOD32

MSIL/TrojanDropper.Binder.CZ (variant)

8.9919

Fortinet FortiGate

W32/SHOPIC.SMA!tr.bdr

10/2/2014

F-Secure

Gen:Variant.Barys.20525

11.2014-02-10_5

G Data

Gen:Variant.Barys.20525

14.10.24

IKARUS anti.virus

Trojan-Dropper.MSIL

t3scan.1.6.1.0

K7 AntiVirus

Trojan

13.1712348

Kaspersky

Backdoor.Win32.Agent

14.0.0.3164

Malwarebytes

Backdoor.Bot.MSIL

v2014.10.02.04

McAfee

BackDoor-FBHS!39118E7585BC

5600.6990

Microsoft Security Essentials

Backdoor:MSIL/Bladabindi.AJ

1.10600

MicroWorld eScan

Gen:Variant.Barys.20525

15.0.0.825

NANO AntiVirus

Trojan.Win32.Agent.cwbgfg

0.28.0.60253

Norman

Bladabindi.D

11.20141002

nProtect

Backdoor/W32.Agent.454656.AN

14.06.09.01

Panda Antivirus

Trj/CI.A

14.10.02.04

Qihoo 360 Security

Win32/Backdoor.695

1.0.0.1015

Quick Heal

Trojan.Bladabindi.B3

10.14.14.00

Rising Antivirus

PE:Backdoor.Bot!1.6675

23.00.65.14930

Sophos

Troj/dnsauce-B

4.98

Total Defense

Win32/DotNetBinder.A!generic

37.0.10989

Trend Micro House Call

TROJ_GEN.F47V0605

7.2.275

Trend Micro

BKDR_SHOPIC.SMA

10.465.02

Vba32 AntiVirus

Trojan.MSIL.Disfa

3.12.26.0

VIPRE Antivirus

Backdoor.MSIL.Bladabindi.a

30134

File size:

444 KB (454,656 bytes)

Product version:

0.0.0.0

Original file name:

Download Photos.Scr

File PE Metadata

Compilation timestamp:

6/5/2014 12:40:48 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

1536:K7lvQ9AlWKhG29jR/mF6xhaXfDc/34nlMHxsJwnJCsGeSFmrX7LmO:MvYyA29gRDc7xAsGqrnmO

Entry address:

0x1373E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

72 KB (73,728 bytes)

Remove {2e6dddf7-0abe-4f62-81bd-af6d25e187cc} - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.