» {462eaeca-df35-4b28-9572-45140dedaa8e}
Overview
Analysis
File Details

{462eaeca-df35-4b28-9572-45140dedaa8e}

The file {462eaeca-df35-4b28-9572-45140dedaa8e} has been detected as malware by 23 anti-virus scanners. This backdoor trojan may be used to conduct distributed denial of service attacks, or used to install additional trojans or other forms of malicious software as well as can steal your sensitive information.

File name:

Version:

0.0.0.0

MD5:

bb0ddf5a23d66118ecf04239fa8ff09a

SHA-1:

b29d1907881a1a748ef519dea59965ac8a73ce9b

SHA-256:

d6025dfc32e52f6d3f71729feff934b51e3ae43fd6273ff33276c0f534600de2

Scanner detections:

23 / 68

Status:

Malware

Analysis date:

4/27/2024 12:35:10 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.GenericKD.1857754

856

Avira AntiVirus

TR/Dropper.MSIL.79575

7.11.171.238

avast!

Win32:Malware-gen

2014.9-141002

AVG

MSIL4

2015.0.3334

Baidu Antivirus

Trojan.MSIL.Injector

4.0.3.14102

Bitdefender

Trojan.GenericKD.1857754

1.0.20.1375

Comodo Security

UnclassifiedMalware

19507

Dr.Web

BackDoor.Bladabindi.1056

9.0.1.0275

Emsisoft Anti-Malware

Backdoor.MSIL.Bladabindi

8.14.10.02.04

ESET NOD32

MSIL/Injector.BQY (variant)

8.10413

F-Secure

Trojan.GenericKD.1857754

11.2014-02-10_5

G Data

Trojan.GenericKD.1857754

14.10.24

IKARUS anti.virus

Trojan.MSIL.Inject

t3scan.1.7.8.0

Kaspersky

Trojan.MSIL.Zapchast

14.0.0.3164

Malwarebytes

Trojan.MSIL

v2014.10.02.04

McAfee

Artemis!BB0DDF5A23D6

5600.6990

Microsoft Security Essentials

Backdoor:MSIL/Bladabindi.AJ

1.10904

MicroWorld eScan

Trojan.GenericKD.1857754

15.0.0.825

NANO AntiVirus

Trojan.Win32.Bladabindi.devtqu

0.28.2.61942

Norman

Agent.AZKRJ

11.20141002

Panda Antivirus

Trj/CI.A

14.10.02.04

Sophos

Mal/Generic-S

4.98

Trend Micro House Call

TROJ_GEN.R06AH01IC14

7.2.275

File size:

917 KB (939,008 bytes)

Product version:

0.0.0.0

Original file name:

Server.exe

File PE Metadata

Compilation timestamp:

9/12/2014 6:33:30 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

12288:axe7OLjXm+MorB5x+5CUNRTeHl3vM+lV5XrubKjp7iZlMw:owOLbmOZ+fzeHhV5Xru8Wv

Entry address:

0xE6B7E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

915 KB (936,960 bytes)

Remove {462eaeca-df35-4b28-9572-45140dedaa8e} - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.