» 5c9bc273-0584-648b-7be6-5550055ec136.exe
Overview
Analysis
File Details

5c9bc273-0584-648b-7be6-5550055ec136.exe

The application 5c9bc273-0584-648b-7be6-5550055ec136.exe has been detected as a potentially unwanted program by 14 anti-malware scanners.

File name:

MD5:

bcb4fc49902ed11c731cac6550630459

SHA-1:

7ee303d736c7cdb7c88b17a228d0964fb0e57357

SHA-256:

b67ef97eeb700fde209161936b0b8953d27a6ac40675a362fc4f48b0d5d22812

Scanner detections:

14 / 68

Status:

Potentially unwanted

Analysis date:

4/16/2024 7:33:30 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Adware.Strictor.76935

726

Avira AntiVirus

Adware/AddLyrics.478720.20

7.11.208.88

avast!

Win32:Adware-gen [Adw]

2014.9-150208

AVG

AddLyrics_r

2016.0.3204

Baidu Antivirus

Adware.Win32.AddLyrics

4.0.3.1528

Bitdefender

Gen:Variant.Adware.Strictor.76935

1.0.20.195

Dr.Web

Trojan.Lyrics.362

9.0.1.039

Emsisoft Anti-Malware

Gen:Variant.Adware.Strictor.76935

8.15.02.08.11

ESET NOD32

Win32/Adware.AddLyrics.DM application

7.0.302.0

F-Secure

Gen:Variant.Adware.Strictor.76935

11.2015-08-02_1

G Data

Gen:Variant.Adware.Strictor.76935

15.2.25

MicroWorld eScan

Gen:Variant.Adware.Strictor.76935

16.0.0.117

NANO AntiVirus

Riskware.Win32.AddLyrics.dnojxl

0.30.0.65070

Reason Heuristics

Threat.Win.Reputation.IMP

15.2.8.23

File size:

467 KB (478,208 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\appdata\local\temp\5c9bc273-0584-648b-7be6-5550055ec136.exe

File PE Metadata

Compilation timestamp:

1/29/2015 9:15:12 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

12288:1x+EolikQ5fQB2viXoJ6ceSrtw9XXcXcP:1vkQ5IB26ceSRqXMs

Entry address:

0x24C6B

Entry point:

E8, AD, C5, 00, 00, E9, 39, FE, FF, FF, 55, 8B, EC, 8D, 45, 14, 50, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, D5, C6, 00, 00, 83, C4, 10, 5D, C3, 55, 8B, EC, 8D, 45, 10, 50, 6A, 00, FF, 75, 0C, FF, 75, 08, E8, F7, C6, 00, 00, 83, C4, 10, 5D, C3, 55, 8B, EC, 8D, 45, 14, 50, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, DD, C6, 00, 00, 83, C4, 10, 5D, C3, 55, 8B, EC, 8D, 45, 14, 50, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, E1, C6, 00, 00, 83, C4, 10, 5D, C3, 6A, 0C, 68, D8, C1, 45, 00, E8, E8, 26, 00, 00, 33, C0, 8B... 
[+]

Entropy:

6.4666

Code size:

307 KB (314,368 bytes)

Remove 5c9bc273-0584-648b-7be6-5550055ec136.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.