{57c0c6cf-4212-4288-83a6-a04cda7cbf78}-aio-blade_v01.01
The file {57c0c6cf-4212-4288-83a6-a04cda7cbf78}-aio-blade_v01.01 has been detected as a potentially unwanted program by 26 anti-malware scanners. The file has been seen being downloaded from fs1.d-h.st.
File name:
{57c0c6cf-4212-4288-83a6-a04cda7cbf78}-aio-blade_v01.01
MD5:
685cf64f5f4d6e03aed5221053e9d2a7
SHA-1:
7d482a3883683781d8b76aed5dc9829ae5c10adc
SHA-256:
fb59d0c3f6436ea7ead7453d7685a3e2e529ad943e9dad75ab07620f7b868931
Scanner detections:
26 / 68
Status:
Potentially unwanted
Analysis date:
4/25/2024 7:52:35 PM UTC (today)
Scan engine
Detection
Engine version
Lavasoft Ad-Aware
Android.Exploit.RATC.A
422
AegisLab AV Signature
SUSPICIOUS
2.1.4+
Avira AntiVirus
ANDROID/RootAndroid
8.3.1.6
Arcabit
Android.Exploit.RATC.A
1.0.0.425
avast!
ELF:Ratc-B [PUP]
2014.9-151210
AVG
Android/Toor
2016.0.2900
Bitdefender
Android.Exploit.RATC.A
1.0.20.1720
Comodo Security
Exploit.Linux.Lotoor.g
22973
Dr.Web
Android.DreamExploid.1
9.0.1.0344
Emsisoft Anti-Malware
Android.Exploit.RATC
8.15.12.10.11
ESET NOD32
Android/Exploit.RageCage
9.12070
F-Prot
W32/Sality.AK
v6.4.7.1.166
F-Secure
Android.Exploit.RATC.A
11.2015-10-12_5
G Data
Android.Exploit.RATC
15.12.25
IKARUS anti.virus
Exploit.Linux.Lotoor
t3scan.1.9.5.0
Kaspersky
Exploit.Linux.Lotoor
14.0.0.993
Malwarebytes
Virus.Ramnit
v2015.12.10.11
Microsoft Security Essentials
Exploit:Unix/Lotoor
1.1.11903.0
MicroWorld eScan
Android.Exploit.RATC.A
16.0.0.1032
NANO AntiVirus
Exploit.Lotoor.dtnxn
0.30.24.3079
nProtect
Win32.Sality.OG
15.08.10.01
Rising Antivirus
PE:Win32.KUKU.a!1389448
23.00.65.151208
Trend Micro House Call
PE_RAMNIT.DEN
7.2.344
Trend Micro
PE_RAMNIT.DEN
10.465.10
Zillya! Antivirus
Downloader.OpenConnection.JS.232
2.0.0.2343
File size:
12.1 MB (12,640,664 bytes)
Common path:
C:\ProgramData\microsoft\microsoft antimalware\localcopy\{57c0c6cf-4212-4288-83a6-a04cda7cbf78}-aio-blade_v01.01
The file {57c0c6cf-4212-4288-83a6-a04cda7cbf78}-aio-blade_v01.01 has been seen being distributed by the following URL.