» {6380-24f3f8-24f7f8}
Overview
Analysis
File Details

{6380-24f3f8-24f7f8}

Led Board 2001

Led Corporation

The file {6380-24f3f8-24f7f8} has been detected as malware by 31 anti-virus scanners.

File name:

Publisher:

Led Corporation

Product:

Led® Board® 2001

Description:

Led Board

Version:

5.5.97524.13 built by: Coast

MD5:

02845bb344d8f94497cc81dd23431d2d

SHA-1:

57cfa46cb0d69c9d9e6489ebc8a81ae88ffcce75

SHA-256:

fc4322abe2562c7b81b6000f05f8ebf66b72895d47508aeb0b895b5cb7129039

Scanner detections:

31 / 68

Status:

Malware

Analysis date:

4/24/2024 12:03:15 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.GenericKDV.1105505

618

Agnitum Outpost

Trojan.Yakes

7.1.1

AhnLab V3 Security

Trojan/Win32.Bebloh

2015.04.09

Avira AntiVirus

TR/Crypt.ZPACK.Gen8

3.6.1.96

avast!

Win32:Dropper-gen [Drp]

2014.9-150527

AVG

PSW.Generic11

2016.0.3096

Baidu Antivirus

Trojan.Win32.Bebloh

4.0.3.15527

Bitdefender

Trojan.GenericKDV.1105505

1.0.20.735

Comodo Security

UnclassifiedMalware

21701

Dr.Web

Trojan.Fakealert.39802

9.0.1.0147

Emsisoft Anti-Malware

Trojan.GenericKDV.1105505

8.15.05.27.11

ESET NOD32

Win32/Spy.Bebloh

9.11447

Fortinet FortiGate

W32/Zbot.FEI!tr

5/27/2015

F-Secure

Trojan.GenericKDV.1105505

11.2015-27-05_4

G Data

Trojan.GenericKDV.1105505

15.5.25

K7 AntiVirus

Spyware

13.202.15535

Kaspersky

HEUR:Trojan.Win32.Generic

14.0.0.1975

McAfee

PWSZbot-FBM!02845BB344D8

5600.6752

Microsoft Security Essentials

TrojanSpy:Win32/Shiotob.A

1.1.11502.0

MicroWorld eScan

Trojan.GenericKDV.1105505

16.0.0.441

Norman

Suspicious_Gen4.EKAYH

11.20150527

nProtect

Trojan.GenericKDV.1105505

15.04.09.02

Panda Antivirus

Trj/Dtcontx.F

15.05.27.11

Qihoo 360 Security

Win32/Trojan.e6d

1.0.0.1015

Quick Heal

Trojan.Generic.r5

5.15.14.00

Sophos

Mal/Generic-S

4.98

Trend Micro House Call

TROJ_SPNR.11GF13

7.2.147

Trend Micro

TROJ_SPNR.11GF13

10.465.27

Vba32 AntiVirus

Trojan.Yakes

3.12.26.3

VIPRE Antivirus

Trojan.Win32.Generic

39190

Zillya! Antivirus

Trojan.FakeAV.Win32.283504

2.0.0.2132

File size:

217.5 KB (222,720 bytes)

Product version:

5.5.97524.13

Original file name:

Head.exe

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\temp\{6380-24f3f8-24f7f8}

File PE Metadata

Compilation timestamp:

7/10/2013 5:38:52 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

CTPH (ssdeep):

6144:Q+mbG4tHXHX+HYS5cKl5GqkyssBqUHcoi:Q+myo3HXsYUl5Gq2rUHc

Entry address:

0x383F

Entry point:

E8, DE, 42, 00, 00, E9, 17, FE, FF, FF, 6A, 0C, 68, E0, EA, 41, 00, E8, E7, 2B, 00, 00, 8B, 75, 08, 85, F6, 74, 75, 83, 3D, 5C, 67, 63, 00, 03, 75, 43, 6A, 04, E8, C0, 44, 00, 00, 59, 83, 65, FC, 00, 56, E8, 2E, 45, 00, 00, 59, 89, 45, E4, 85, C0, 74, 09, 56, 50, E8, 4A, 45, 00, 00, 59, 59, C7, 45, FC, FE, FF, FF, FF, E8, 0B, 00, 00, 00, 83, 7D, E4, 00, 75, 37, FF, 75, 08, EB, 0A, 6A, 04, E8, AE, 43, 00, 00, 59, C3, 56, 6A, 00, FF, 35, 6C, 61, 63, 00, FF, 15, 7C, F0, 40, 00, 85, C0, 75, 16, E8, 19, 25, 00... 
[+]

Code size:

55 KB (56,320 bytes)

Remove {6380-24f3f8-24f7f8} - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.