» {35658b47-1868-4324-8776-d66fb7dca4a6}
Overview
Analysis
File Details

{35658b47-1868-4324-8776-d66fb7dca4a6}

The file {35658b47-1868-4324-8776-d66fb7dca4a6} has been detected as malware by 33 anti-virus scanners. This backdoor trojan may be used to conduct distributed denial of service attacks, or used to install additional trojans or other forms of malicious software as well as can steal your sensitive information.

File name:

MD5:

324de197b37902c7097cde0576e45aa1

SHA-1:

ea4a7a740f838cef88e036831e443e9c36416c31

SHA-256:

98c19b6e6e82ef95aafdcafaedf1ec77d49d3cbe39d8a8766f0562fefcb5ca28

Scanner detections:

33 / 68

Status:

Malware

Analysis date:

4/27/2024 3:18:34 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.GenericKDZ.24293

856

AhnLab V3 Security

Backdoor/Win32.Bladabindi

2014.06.06

Avira AntiVirus

TR/Dropper.Gen7

7.11.153.98

avast!

MSIL:Agent-BKA [Trj]

2014.9-141002

AVG

PSW.ILUSpy

2015.0.3334

Baidu Antivirus

Trojan.MSIL.Bladabindi

4.0.3.14102

Bitdefender

Trojan.GenericKDZ.24293

1.0.20.1375

Comodo Security

Backdoor.MSIL.Bladabindi.A

18450

Dr.Web

Trojan.DownLoader10.63222

9.0.1.0275

Emsisoft Anti-Malware

Trojan.GenericKDZ.24293

8.14.10.02.04

ESET NOD32

MSIL/Bladabindi.BH (variant)

8.9902

Fortinet FortiGate

MSIL/Bladabindi.Q!tr

10/2/2014

F-Prot

W32/MSIL_Bladabindi.G.gen

v6.4.7.1.166

F-Secure

Trojan.GenericKDZ.24293

11.2014-02-10_5

G Data

Trojan.GenericKDZ.24293

14.10.24

IKARUS anti.virus

Backdoor.MSIL

t3scan.1.6.1.0

K7 AntiVirus

Trojan

13.1712319

Kaspersky

Backdoor.MSIL.Agent

14.0.0.3164

Malwarebytes

Trojan.MSIL

v2014.10.02.04

McAfee

BackDoor-FBIB!324DE197B379

5600.6990

Microsoft Security Essentials

Backdoor:MSIL/Bladabindi.AJ

1.10600

MicroWorld eScan

Trojan.GenericKDZ.24293

15.0.0.825

NANO AntiVirus

Trojan.Win32.DownLoader11.cxfbrl

0.28.0.60100

Norman

Bladabindi.JQ

11.20141002

nProtect

Trojan.GenericKDZ.24293

14.06.05.01

Panda Antivirus

Generic Malware

14.10.02.04

Qihoo 360 Security

Malware.QVM03.Gen

1.0.0.1015

Sophos

Mal/Bbindi-B

4.98

SUPERAntiSpyware

Trojan.Agent/Gen-Bladabindi

10325

Trend Micro House Call

TROJ_GEN.F47V0605

7.2.275

Trend Micro

BKDR_BLADABI.SMC

10.465.02

Vba32 AntiVirus

Trojan.MSIL.Disfa

3.12.26.0

VIPRE Antivirus

Backdoor.MSIL.Bladabindi.a

30002

File size:

182 KB (186,368 bytes)

File PE Metadata

Compilation timestamp:

6/5/2014 4:49:46 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

3072:/sdc0Ch4fWYCvQ9XpePPcWNKKASG7c4mfySwo9P7xMUyXd:yNHwP+KB4mvwalMrX

Entry address:

0x748E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

21.5 KB (22,016 bytes)

Remove {35658b47-1868-4324-8776-d66fb7dca4a6} - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.