» 479732b09b27eec987311a0b182b4bc0
Overview
Analysis
File Details

479732b09b27eec987311a0b182b4bc0

fheuzjd

The file 479732b09b27eec987311a0b182b4bc0 has been detected as malware by 18 anti-virus scanners.

File name:

Product:

fheuzjd

Version:

1.0.0.0

MD5:

479732b09b27eec987311a0b182b4bc0

SHA-1:

d293f9a5dd5bb609bdee683e86877035af665fae

SHA-256:

2208fcbbd7865cd7b1887086d00fb2eacc2462d8de426473ba353656a503c2e9

Scanner detections:

18 / 68

Status:

Malware

Analysis date:

4/26/2024 4:43:03 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Kazy.496447

804

avast!

Win32:Malware-gen

2014.9-141123

AVG

MSIL5

2015.0.3282

Baidu Antivirus

Trojan.MSIL.Crypt

4.0.3.141123

Bitdefender

Gen:Variant.Kazy.496447

1.0.20.1635

Dr.Web

Trojan.DownLoader11.42957

9.0.1.0327

Emsisoft Anti-Malware

Gen:Variant.Kazy.496447

8.14.11.23.09

ESET NOD32

MSIL/Injector.GIB (variant)

8.10748

F-Prot

W32/Trojan3.MEJ

v6.4.7.1.166

F-Secure

Gen:Variant.Kazy.496447

11.2014-23-11_1

G Data

Gen:Variant.Kazy.496447

14.11.24

Kaspersky

Trojan.MSIL.Crypt

14.0.0.2903

Malwarebytes

Backdoor.Agent.PDLGen

v2014.11.23.09

McAfee

Artemis!479732B09B27

5600.6938

MicroWorld eScan

Gen:Variant.Kazy.496447

15.0.0.981

Qihoo 360 Security

HEUR/QVM03.0.Malware.Gen

1.0.0.1015

Sophos

Troj/MSIL-AWM

4.98

Trend Micro House Call

TROJ_GEN.R047B01KJ14

7.2.327

File size:

1.2 MB (1,238,016 bytes)

Product version:

1.0.0.0

Original file name:

fheuzjd.exe

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\91\479732b09b27eec987311a0b182b4bc0

File PE Metadata

Compilation timestamp:

11/14/2014 1:51:01 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

24576:teXvQ+pHa4PH0UrtiVdH7N1ixrn2ZuKz9YArvBziOjJfXBH5KgY:WvQ+M4PUUQVOKZuKz9NrvBziOjJBHK

Entry address:

0x53EE

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, C5, 08, 66, 54, 00, 00, 00, 00, 02, 00, 00, 00, 1C, 01, 00, 00, 1C, 60, 00, 00, 1C, 38, 00, 00, 52, 53, 44, 53, F3, 83, 74, 3E, 8C, 86, 4B, 42, A0, 19, BA, 77, F8, F7, 16, 1C, 01, 00, 00, 00, 43, 3A, 5C, 55, 73, 65, 72, 73, 5C, 55, 73, 65, 72, 5C, 68, 75, 62, 69, 43, 5C, 50, 72, 6F, 6A, 65, 74, 20, 48, 46, 20, 43, 75, 62, 65, 20, 43, 72, 79, 70, 74, 65, 72, 5C, 34, 2E, 32, 2E, 30, 20, 2D, 20, 32, 35, 2E, 31, 30, 2E, 31... 
[+]

Entropy:

6.6302

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

13 KB (13,312 bytes)

Remove 479732b09b27eec987311a0b182b4bc0 - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.