» 3a55d9e0c.cpp
Overview
Analysis
File Details

3a55d9e0c.cpp

The file 3a55d9e0c.cpp has been detected as malware by 31 anti-virus scanners.

File name:

3a55d9e0c.cpp

MD5:

4135ac096fe032d83c4f42b8bcba9746

SHA-1:

31b4498f423b811287e3974870bdf50f55229cf6

SHA-256:

6b3a274516ba02963f1f54167b398b190427082bfbb271d032e444e7cd5bc8ab

Scanner detections:

31 / 68

Status:

Malware

Analysis date:

4/18/2024 8:06:47 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Kazy.580611

651

Agnitum Outpost

Trojan.Foreign

7.1.1

AhnLab V3 Security

Trojan/Win32.Reveton

2015.04.18

Avira AntiVirus

TR/Crypt.ZPACK.133010

3.6.1.96

avast!

Win32:Malware-gen

2014.9-150425

AVG

Crypt4

2016.0.3129

Baidu Antivirus

Trojan.Win32.Ransom

4.0.3.15425

Bitdefender

Gen:Variant.Kazy.580611

1.0.20.575

Comodo Security

UnclassifiedMalware

21804

Emsisoft Anti-Malware

Gen:Variant.Kazy.580611

8.15.04.25.02

ESET NOD32

Win32/Kryptik.DCPM (variant)

9.11493

Fortinet FortiGate

W32/Kryptik.DBUU!tr

4/25/2015

F-Prot

W32/S-7dc829ba

v6.4.7.1.166

F-Secure

Gen:Variant.Kazy.580611

11.2015-25-04_7

G Data

Gen:Variant.Kazy.580611

15.4.25

IKARUS anti.virus

Trojan.Win32.Crypt

t3scan.1.8.9.0

K7 AntiVirus

Trojan

13.202.15636

Kaspersky

Trojan-Ransom.Win32.Foreign

14.0.0.2139

Malwarebytes

Backdoor.Bot.ED

v2015.04.25.02

McAfee

RDN/Ransom!es

5600.6785

Microsoft Security Essentials

Ransom:Win32/Reveton.AB

1.1.11502.0

MicroWorld eScan

Gen:Variant.Kazy.580611

16.0.0.345

NANO AntiVirus

Trojan.Win32.Foreign.dpqqxn

0.30.16.1110

Norman

Troj_Generic.ZSBNW

11.20150425

Panda Antivirus

Trj/Genetic.gen

15.04.25.02

Qihoo 360 Security

Win32/Trojan.38c

1.0.0.1015

Quick Heal

TrojanRansom.Foreign.r7

4.15.14.00

Sophos

Mal/EncPk-AQV

4.98

Trend Micro House Call

TROJ_GEN.R047C0DCU15

7.2.115

Trend Micro

TROJ_GEN.R047C0DCU15

10.465.25

VIPRE Antivirus

Trojan.Win32.Generic

39438

File size:

228 KB (233,472 bytes)

Common path:

C:\ProgramData\3a55d9e0c.cpp

File PE Metadata

Compilation timestamp:

3/20/2015 10:27:23 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

12.0

CTPH (ssdeep):

3072:r2g3xL25rU7LD1V1K+MeRdc3bCHfXF4pyfJi4:rVxKMvclGdJiU8

Entry address:

0x5854

Entry point:

55, 89, E5, 83, EC, 04, C7, 45, FC, 00, 00, 00, 00, E9, 4A, FF, FF, FF, 89, EC, 5D, C2, 0C, 00, 8B, 45, F4, C3, B6, 63, 0B, D8, 9C, 69, 24, BE, 2B, 4F, 4F, C1, E4, B6, F3, 2D, 34, EB, 66, AC, DC, 3B, 00, CC, FF, 25, C4, 60, 00, 0B, FF, 25, C0, 60, 00, 0B, FF, 25, BC, 60, 00, 0B, FF, 25, B8, 60, 00, 0B, FF, 25, B4, 60, 00, 0B, FF, 25, B0, 60, 00, 0B, FF, 25, A8, 60, 00, 0B, FF, 25, A4, 60, 00, 0B, FF, 25, A0, 60, 00, 0B, FF, 25, 9C, 60, 00, 0B, FF, 25, 98, 60, 00, 0B, FF, 25, AC, 60, 00, 0B, FF, 25, C8, 60... 
[+]

Entropy:

4.4833

Code size:

20 KB (20,480 bytes)

Remove 3a55d9e0c.cpp - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.