55bce72b-99ff-2569-6da2-d4a4eb294a1b.exe

The application 55bce72b-99ff-2569-6da2-d4a4eb294a1b.exe has been detected as a potentially unwanted program by 24 anti-malware scanners.
MD5:
b19d4cf70c96084963d8eac01ebb5de8

SHA-1:
a7522521884cdeefed687e3fe0d2782ed882304f

SHA-256:
2a02663c9e3ed89793fa753e8c5e4c23fdfa68cea9875d289c5b1f3e64fa453e

Scanner detections:
24 / 68

Status:
Potentially unwanted

Analysis date:
4/25/2024 10:58:56 PM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Gen:Variant.Adware.Zusy.139188 | 550
Agnitum Outpost | PUA.AddLyrics | 7.1.1
AVG | AddLyrics_r | 2016.0.3028
Baidu Antivirus | Adware.Win32.AddLyrics | 4.0.3.1584
Bitdefender | Gen:Variant.Adware.Zusy.139188 | 1.0.20.1080
Comodo Security | Application.Win32.AddLyrics.ANGL | 22078
Dr.Web | Trojan.Revizer.635 | 9.0.1.0216
Emsisoft Anti-Malware | Gen:Variant.Adware.Zusy.139188 | 8.15.08.04.09
ESET NOD32 | Win32/Adware.AddLyrics.EB (variant) | 9.11609
Fortinet FortiGate | Riskware/AddLyrics | 8/4/2015
F-Prot | W32/AddLyrics.C.gen | v6.4.7.1.166
F-Secure | Gen:Variant.Adware.Zusy | 11.2015-04-08_3
G Data | Gen:Variant.Adware.Zusy.139188 | 15.8.25
IKARUS anti.virus | PUA.AddLyrics | t3scan.1.8.9.0
McAfee | Artemis!B19D4CF70C96 | 5600.6684
MicroWorld eScan | Gen:Variant.Adware.Zusy.139188 | 16.0.0.648
NANO AntiVirus | Riskware.Win32.AddLyrics.dpcvwl | 0.30.24.1357
Panda Antivirus | Trj/Genetic.gen | 15.08.04.09
Qihoo 360 Security | HEUR/QVM10.1.Malware.Gen | 1.0.0.1015
Reason Heuristics | Threat.Win.Reputation.IMP | 15.8.4.9
Rising Antivirus | PE:Malware.Obscure/Heur!1.9E03 | 23.00.65.15802
Trend Micro House Call | TROJ_GEN.R08NC0OEA15 | 7.2.216
Trend Micro | TROJ_GEN.R08NC0OEA15 | 10.465.04
VIPRE Antivirus | Trojan.Win32.Generic | 40136

File size:
452.5 KB (463,360 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\55bce72b-99ff-2569-6da2-d4a4eb294a1b.exe

File PE Metadata
Compilation timestamp:
5/3/2015 8:25:10 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
12288:7blV2oIAnMSgDhwnT3whwTQhBkCxxRbBq1:7xVhMSgVwn+wTQhTxxZY

Entry address:
0x28567

Entry point:
E8, 0E, C9, 00, 00, E9, 39, FE, FF, FF, 55, 8B, EC, 8D, 45, 14, 50, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 36, CA, 00, 00, 83, C4, 10, 5D, C3, 55, 8B, EC, 8D, 45, 10, 50, 6A, 00, FF, 75, 0C, FF, 75, 08, E8, 58, CA, 00, 00, 83, C4, 10, 5D, C3, 55, 8B, EC, 8D, 45, 14, 50, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 3E, CA, 00, 00, 83, C4, 10, 5D, C3, 55, 8B, EC, 8D, 45, 14, 50, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 42, CA, 00, 00, 83, C4, 10, 5D, C3, 6A, 0C, 68, 88, 02, 46, 00, E8, DC, 25, 00, 00, 33, C0, 8B...
 

Code size:
322.5 KB (330,240 bytes)
