» {4137c79d-880d-0676-5702-43bfa2230494}-vhngvive.exe
Overview
Analysis
File Details

{4137c79d-880d-0676-5702-43bfa2230494}-vhngvive.exe

The executable {4137c79d-880d-0676-5702-43bfa2230494}-vhngvive.exe has been detected as malware by 14 anti-virus scanners. According to AVG, this software downloads additional adware offers during setup.

File name:

MD5:

bf0129029e919572cce9f26fa909a686

SHA-1:

81c4ff2c370dedb61e0b7d27d00a47a8e5dc6e29

SHA-256:

8599db6a68056ea77a14daf4f5d1a09a47248809e6b34b6c1b89e400c2b88cf4

Scanner detections:

14 / 68

Status:

Malware

Analysis date:

4/25/2024 2:50:45 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Kazy.489460

5831067

Avira AntiVirus

TR/Crypt.Xpack.109329

7.11.188.92

AVG

Trojan horse Downloader.Generic14.EOT

2014.0.4189

Bitdefender

Gen:Variant.Kazy.489460

1.0.20.1635

Dr.Web

Trojan.KillFiles.15825

9.0.1.05190

Emsisoft Anti-Malware

Gen:Variant.Kazy.489460

9.0.0.4570

F-Secure

Gen:Variant.Kazy.489460

11.2014-23-11_1

G Data

Gen:Variant.Kazy.489460

14.11.24

Kaspersky

HEUR:Trojan.Win32.Generic

14.0.0.2900

McAfee

Downloader-FAHQ!1CBA82B734FD

5600.6937

MicroWorld eScan

Gen:Variant.Kazy.489460

15.0.0.981

NANO AntiVirus

Trojan.Win32.Xpack.dinrfm

0.28.6.63474

Quick Heal

Win32.PWS.Ldpinch.1

11.14.14.00

Sophos

Troj/Kuluoz-E

4.98

File size:

110.5 KB (113,152 bytes)

File type:

Executable application (Win64 EXE)

Common path:

C:\ProgramData\microsoft\microsoft antimalware\localcopy\{4137c79d-880d-0676-5702-43bfa2230494}-vhngvive.exe

File PE Metadata

OS bitness:

Win64

CTPH (ssdeep):

768:5qdv1rnw7mV4tar4d6/gP0FmQNzlk5un/iOpkxOuW+bJAAR3WOAEiIqX1XT0Ls1q:P4YldGgP2mbukhbJpRfinD0LshL+dv

Entry point:

B2, A5, 7F, FF, FE, FF, FF, FF, FB, FF, EF, FF, 00, 00, FF, FF, BF, FE, FF, FF, FF, FF, FF, FF, BF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, 7F, FF, FF, FF, F1, E0, 45, F1, FF, 4B, F6, 32, DE, 47, FE, B3, 32, DE, AB, 97, 96, 8C, DF, 8F, 8D, 90, 98, 8D, 9E, 92, DF, 9C, 9E, 91, 91, 90, 8B, DF, 9D, 9A, DF, 8D, 8A, 91, DF, 96, 91, DF, BB, B0, AC, DF, 92, 90, 9B, 9A, D1, F2, F5, DB, FF, FF, FF, FF, FF, FF, FF, FF... 
[+]

Entropy:

7.0104

Remove {4137c79d-880d-0676-5702-43bfa2230494}-vhngvive.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.