» 64c58736bbdcf5b734fb38a4e1d8b6c6.exe
Overview
Analysis
File Details

64c58736bbdcf5b734fb38a4e1d8b6c6.exe

Krulises

The executable 64c58736bbdcf5b734fb38a4e1d8b6c6.exe has been detected as malware by 18 anti-virus scanners.

File name:

Publisher:

Krulises

Product:

Krulises

Version:

2.0.0.0

MD5:

64c58736bbdcf5b734fb38a4e1d8b6c6

SHA-1:

31dd6824e31c87d6ee0ac1035346f2daea150c5e

SHA-256:

26b78e9577c953db12622f5c100df798ce0ca0398857ad561f7b5dd63e297e12

Scanner detections:

18 / 68

Status:

Malware

Analysis date:

4/27/2024 3:12:03 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.GenericKD.1936899

835

AegisLab AV Signature

Troj.Dropper.W32.Sysn

2.1.4+

AhnLab V3 Security

Trojan/Win32.Agent

2014.10.23

Avira AntiVirus

TR/NetCoot.A.154

7.11.180.144

avast!

Win32:Trojan-gen

2014.9-141022

AVG

Zbot

2015.0.3313

Baidu Antivirus

Trojan.Win32.Avc

4.0.3.141022

Bitdefender

Trojan.GenericKD.1936899

1.0.20.1475

Comodo Security

UnclassifiedMalware

19872

Emsisoft Anti-Malware

Trojan.GenericKD.1936899

8.14.10.22.06

ESET NOD32

MSIL/Autorun.Spy.Agent.AU

8.10603

G Data

Trojan.GenericKD.1936899

14.10.24

Kaspersky

Trojan.MSIL.Crypt

14.0.0.3061

McAfee

PWSZbot-FADS!64C58736BBDC

5600.6969

MicroWorld eScan

Trojan.GenericKD.1936899

15.0.0.885

Qihoo 360 Security

HEUR/QVM03.0.Malware.Gen

1.0.0.1015

Sophos

Troj/Agent-AJJL

4.98

Trend Micro House Call

TROJ_GEN.F0D1H0ZJL14

7.2.295

File size:

443 KB (453,632 bytes)

Product version:

2.0.0.0

Trademarks:

Krulises

Original file name:

Krulises.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

File PE Metadata

Compilation timestamp:

10/21/2014 10:35:11 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

12288:n4MoSCxL4a6lw1jIHkhcEfzbakwRWrDwzg/0:n4MoSZOjIHCcEbbakwArDwW

Entry address:

0xA2DE

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

33 KB (33,792 bytes)

Remove 64c58736bbdcf5b734fb38a4e1d8b6c6.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.