» 3bb287b6851e601663d365b9c2d5c131.exe
Overview
Analysis
File Details

3bb287b6851e601663d365b9c2d5c131.exe

The executable 3bb287b6851e601663d365b9c2d5c131.exe has been detected as malware by 13 anti-virus scanners.

File name:

Version:

0.0.0.0

MD5:

3bb287b6851e601663d365b9c2d5c131

SHA-1:

8b2a3c304ed665575cc43c4ad60c312468dd4b37

SHA-256:

05db35c45b2f4a0c05c89b13c01400a35a5d633d2aeb428faf2e9217adfeb06a

Scanner detections:

13 / 68

Status:

Malware

Analysis date:

4/20/2024 2:43:27 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.GenericKD.1936030

835

Avira AntiVirus

DR/Binder.DX.2

7.11.180.144

AVG

MSIL5

2015.0.3313

Baidu Antivirus

Trojan.MSIL.Binder

4.0.3.141022

Bitdefender

Trojan.GenericKD.1936030

1.0.20.1475

Emsisoft Anti-Malware

Trojan.GenericKD.1936030

8.14.10.22.06

ESET NOD32

MSIL/TrojanDropper.Binder.DX (variant)

8.10603

F-Secure

Trojan.GenericKD.1936030

11.2014-22-10_4

G Data

Trojan.GenericKD.1936030

14.10.24

IKARUS anti.virus

Backdoor.MSIL

t3scan.1.7.8.0

MicroWorld eScan

Trojan.GenericKD.1936030

15.0.0.885

NANO AntiVirus

Trojan.Win32.ArchSMS.ctpuyz

0.28.2.62841

nProtect

Trojan.GenericKD.1936030

14.10.22.01

File size:

504.5 KB (516,608 bytes)

Product version:

0.0.0.0

Original file name:

lovly sexy.Scr

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

File PE Metadata

Compilation timestamp:

10/22/2014 4:22:21 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

12288:ntzO41M6mAxfHz5Cw1v8Rl6RK5/VTWowLuS:nTu16Pz8TRPtvwL

Entry address:

0x7F5B6

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, F0, 07, 00, 0C, 00, 00, 00, B8, 35, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

501.5 KB (513,536 bytes)

Remove 3bb287b6851e601663d365b9c2d5c131.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.