{3cadfc8b-2ff0-4c6a-954e-18e83d79345b}

The file {3cadfc8b-2ff0-4c6a-954e-18e83d79345b} has been detected as malware by 32 anti-virus scanners. This trojan performs a number of actions that compromise a PC, including changing protected system registry values, hiding in protected operating system locations, and downloading and installing additional malware.
MD5:
b313756bca4c90985b658863a1d36eec

SHA-1:
58d5b9ee12e2370835e2dcc59c571128f56c2380

SHA-256:
b7337ab543cdb3df2b8fb2930dd88ade6f9c70162852bb7a73af0a1b8ad72f2b

Scanner detections:
32 / 68

Status:
Malware

Analysis date:
4/25/2024 6:37:10 AM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Gen:Win32.ExplorerHijack.EC4@a4fk01eO | 856
AhnLab V3 Security | Spyware/Win32.Bancos | 14.10.02
Avira AntiVirus | TR/ATRAPS.Gen | 7.11.138.132
avast! | Win32:Trojan-gen | 2014.9-141002
AVG | Generic_s | 2015.0.3334
Baidu Antivirus | Trojan.Win32.Inject | 4.0.3.14102
Bitdefender | Gen:Win32.ExplorerHijack.EC4@a4fk01eO | 1.0.20.1375
Comodo Security | UnclassifiedMalware | 17982
Dr.Web | Trojan.Inject1.39227 | 9.0.1.0275
Emsisoft Anti-Malware | Gen:Win32.ExplorerHijack.EC4@a4fk01eO | 8.14.10.02.04
ESET NOD32 | Win32/Inject.NHN (variant) | 8.9582
Fortinet FortiGate | W32/Inject.IXHB!tr | 10/2/2014
F-Secure | Gen:Win32.ExplorerHijack.EC4@a4fk01eO | 11.2014-02-10_5
G Data | Gen:Win32.ExplorerHijack.EC4@a4fk01eO | 14.10.24
IKARUS anti.virus | Trojan.Win32.Inject | t3scan.2.2.29
K7 AntiVirus | Trojan | 13.176.11524
Kaspersky | Trojan.Win32.Inject | 14.0.0.3164
Malwarebytes | Trojan.Banker.DE | v2014.10.02.04
McAfee | RDN/Generic.dx!czd | 5600.6990
Microsoft Security Essentials | Trojan:Win32/Malagent | 1.10401
MicroWorld eScan | Gen:Win32.ExplorerHijack.EC4@a4fk01eO | 15.0.0.825
NANO AntiVirus | Trojan.Win32.Inject.cvdign | 0.28.0.58491
Norman | Suspicious_Gen5.AMTZL | 11.20141002
Panda Antivirus | Generic Malware | 14.10.02.04
Qihoo 360 Security | Win32/Trojan.3a7 | 1.0.0.1015
Sophos | Troj/Bancos-BXW | 4.98
Total Defense | Win32/Tnega.XOQcI | 37.0.10836
Trend Micro House Call | TROJ_GEN.R047C0PCA14 | 7.2.275
Trend Micro | TROJ_GEN.R047C0PCA14 | 10.465.02
Vba32 AntiVirus | BScope.Trojan.Agent | 3.12.24.3
VIPRE Antivirus | Trojan.Win32.Generic | 27690
XVirus List | Win32.Detected | 2.10.2

File size:
488 KB (499,712 bytes)

File PE Metadata
Compilation timestamp:
3/6/2014 3:44:44 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:q/VWy3OmAwTOw27cv+c2yBxsF8888888888888W88888888888:oWy3OmNTDUo+ABx

Entry address:
0x3F2DC

Entry point:
55, 8B, EC, B9, 32, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, 51, 53, 56, B8, 8C, BB, CF, 03, E8, 70, AA, FC, FF, 33, C0, 55, 68, D7, F5, CF, 03, 64, FF, 30, 64, 89, 20, E8, FD, B0, FC, FF, E8, F8, B0, FC, FF, E8, F3, B0, FC, FF, E8, EE, B0, FC, FF, 68, E8, F5, CF, 03, 6A, 00, 6A, 00, E8, 28, B0, FC, FF, E8, DB, B0, FC, FF, 85, C0, 0F, 85, 69, 02, 00, 00, 8D, 95, A8, FE, FF, FF, B8, 04, F6, CF, 03, E8, 8F, BD, FF, FF, 8B, 95, A8, FE, FF, FF, 8D, 85, AC, FE, FF, FF, B9, FF, 00, 00, 00, E8, 29, 77, FC, FF, 8D...
Developed / compiled with:
Microsoft Visual C++

Code size:
250 KB (256,000 bytes)
