» {2f15c3e9-c8f1-45d8-90a3-ec16190fd226}
Overview
Analysis
File Details

{2f15c3e9-c8f1-45d8-90a3-ec16190fd226}

The file {2f15c3e9-c8f1-45d8-90a3-ec16190fd226} has been detected as malware by 25 anti-virus scanners.

File name:

Version:

0.0.0.0

MD5:

d20e0e26842b882571f015846dce7654

SHA-1:

020b852d40700cbf6c151f8169c7cef8fb9fe263

SHA-256:

57a8c9097c7028deefbb5b1b628d8001dea0a9134d684f4dc0d63f7de678e782

Scanner detections:

25 / 68

Status:

Malware

Analysis date:

4/23/2024 6:51:22 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Kazy.443519

856

AhnLab V3 Security

Trojan/Win32.Llac

2014.09.14

Avira AntiVirus

TR/Dropper.MSIL.79962

7.11.171.244

avast!

Win32:Malware-gen

2014.9-141002

AVG

Luhe.Packed.H

2015.0.3334

Baidu Antivirus

Trojan.MSIL.Injector

4.0.3.14102

Bitdefender

Gen:Variant.Kazy.443519

1.0.20.1375

Comodo Security

UnclassifiedMalware

19509

Dr.Web

BackDoor.Lizard.12

9.0.1.0275

Emsisoft Anti-Malware

Gen:Variant.Kazy.443519

8.14.10.02.04

ESET NOD32

MSIL/Injector.FBB (variant)

8.10414

Fortinet FortiGate

Riskware/Generic

10/2/2014

F-Secure

Gen:Variant.Kazy.443519

11.2014-02-10_5

G Data

Gen:Variant.Kazy.443519

14.10.24

IKARUS anti.virus

Trojan.MSIL.Inject

t3scan.1.7.8.0

Kaspersky

Trojan-PSW.Win32.Fareit

14.0.0.3164

Malwarebytes

Backdoor.MSIL.PGen

v2014.10.02.04

McAfee

Artemis!D20E0E26842B

5600.6990

MicroWorld eScan

Gen:Variant.Kazy.443519

15.0.0.825

Panda Antivirus

Trj/CI.A

14.10.02.04

Qihoo 360 Security

HEUR/Malware.QVM03.Gen

1.0.0.1015

Sophos

Mal/Generic-S

4.98

SUPERAntiSpyware

Trojan.Agent/Gen-Crypted

10325

Trend Micro House Call

TROJ_GEN.R06AH09ID14

7.2.275

ViRobot

Trojan.Win32.S.Llac.131072.D

2011.4.7.4223

File size:

128 KB (131,072 bytes)

Product version:

0.0.0.0

Original file name:

servercrypted.exe

File PE Metadata

Compilation timestamp:

9/12/2014 10:49:16 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

3072:j91MOvFFVxIs2EanGPBXGCPFCW/S7Eoatr1ao0+A6EeOQ2swbij:3xBCUbao08Eev

Entry address:

0x1EBCE

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

116 KB (118,784 bytes)

Remove {2f15c3e9-c8f1-45d8-90a3-ec16190fd226} - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.