4bd6624d895df7238adb29477f81a42e.exe

The executable 4bd6624d895df7238adb29477f81a42e.exe has been detected as malware by 36 anti-virus scanners. This backdoor trojan may be used to conduct distributed denial-of-service attacks, to install additional trojans or other forms of malicious software, and to steal your sensitive information.
MD5:
4bd6624d895df7238adb29477f81a42e

SHA-1:
8102b2fc327058671987a48e61f08a9064704e41

SHA-256:
c93dc6af02dea2b270b3b96737741366d1d827358c6f40b175e2f0844f17fb46

Scanner detections:
36 / 68

Status:
Malware

Analysis date:
5/2/2024 1:52:53 PM UTC

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Trojan.GenericKDZ.24293
952

Agnitum Outpost
Trojan.Agent
7.1.1

AhnLab V3 Security
Win-Trojan/Zbot.24064
2014.06.27

Avira AntiVirus
TR/Dropper.Gen7
7.11.157.46

avast!
Win32:Dropper-NIH [Drp]
2014.9-140627

AVG
BackDoor.Generic18
2015.0.3430

Baidu Antivirus
Trojan.MSIL.Bladabindi
4.0.3.14627

Bitdefender
Trojan.GenericKDZ.24293
1.0.20.890

Comodo Security
Backdoor.MSIL.Bladabindi.A
18681

Dr.Web
BackDoor.Bladabindi.1056
9.0.1.0178

Emsisoft Anti-Malware
Trojan.GenericKDZ.24293
8.14.06.27.10

ESET NOD32
MSIL/Bladabindi.BH (variant)
8.10007

Fortinet FortiGate
MSIL/Bladabindi.Q!tr
6/27/2014

F-Prot
W32/MSIL_Bladabindi.G.gen
v6.4.7.1.166

F-Secure
Trojan.GenericKDZ.24293
11.2014-27-06_6

G Data
Trojan.GenericKDZ.24293
14.6.24

IKARUS anti.virus
Backdoor.MSIL
t3scan.1.6.1.0

K7 AntiVirus
Trojan
13.180.12538

Kaspersky
HEUR:Trojan.Win32.Generic
14.0.0.3645

Malwarebytes
Trojan.MSIL
v2014.06.27.10

McAfee
BackDoor-FBIB!4BD6624D895D
5600.7086

Microsoft Security Essentials
Backdoor:MSIL/Bladabindi.AJ
1.10701

MicroWorld eScan
Trojan.GenericKDZ.24293
15.0.0.534

NANO AntiVirus
Trojan.Win32.DownLoader11.cxfbrl
0.28.0.60475

Norman
Bladabindi.JQ
11.20140627

nProtect
Trojan/W32.Agent.24064.UQ
14.06.26.02

Panda Antivirus
Generic Malware
14.06.27.10

Qihoo 360 Security
HEUR/Malware.QVM03.Gen
1.0.0.1015

Sophos
Troj/DotNet-P
4.98

SUPERAntiSpyware
Trojan.Agent/Gen-Bladabindi
10517

Total Defense
Win32/DotNetDl.A!generic
37.0.11023

Trend Micro House Call
Suspicious_GEN.F47V0625
7.2.178

Trend Micro
BKDR_BLBINDI.SMN
10.465.27

Vba32 AntiVirus
Trojan.MSIL.Disfa
3.12.26.3

VIPRE Antivirus
Backdoor.MSIL.Bladabindi.a
30692

Zillya! Antivirus
Trojan.Disfa.Win32.10565
2.0.0.1839

File size:
23.5 KB (24,064 bytes)

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
6/22/2014 1:24:34 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
384:nsqS+ER6vRKXGYKRWVSujUtX9w6Dglo61Z5DVmRvR6JZlbw8hqIusZzZ4y:8f65K2Yf1jKRpcnu0

Entry address:
0x747E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Entropy:
5.5219

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
21.5 KB (22,016 bytes)

Remove 4bd6624d895df7238adb29477f81a42e.exe - Powered by Reason Core Security