75.exe

The executable 75.exe has been detected as malware by 11 anti-virus scanners. The file has been seen being downloaded from malwr.com.
MD5:
ffacacc975c2003f66fd4a3949409df8

SHA-1:
7cd400b0a856e7026fefb1ec35b8d90b2f7d6c71

SHA-256:
1f78c01699b6d1eed10bf276945236d03350f25cb978179770d931b8fa34e4b2

Scanner detections:
11 / 68

Status:
Malware

Analysis date:
4/24/2024 7:21:12 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Graftor.Elzob.9261 | 717 |
| avast! | Win32:Evo-gen [Susp] | 2014.9-150217 |
| Bitdefender | Gen:Variant.Graftor.Elzob.9261 | 1.0.20.240 |
| Emsisoft Anti-Malware | Gen:Variant.Graftor.Elzob.9261 | 8.15.02.17.05 |
| F-Secure | Gen:Variant.Graftor.Elzob.9261 | 11.2015-17-02_3 |
| G Data | Gen:Variant.Graftor.Elzob.9261 | 15.2.25 |
| Microsoft Security Essentials | HackTool:Win32/Wincred.H | 1.1.11302.0 |
| MicroWorld eScan | Gen:Variant.Graftor.Elzob.9261 | 16.0.0.144 |
| Panda Antivirus | Trj/CI.A | 15.02.17.05 |
| Rising Antivirus | PE:Trojan.Malagent!6.16CD | 23.00.65.15215 |
| Trend Micro House Call | TROJ_GEN.R01ZH09BB15 | 7.2.48 |

File size:
203.5 KB (208,384 bytes)

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
3/8/2012 2:56:31 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
10.0

CTPH (ssdeep):
3072:W1JxjOesDBu3UCMBDG/uXFkV/ZeTlDf77/nzJoJj198PKdMPwg9quESyxr:W1+DDBuE1BaAk/ZeT9f7npPn9qufyR

Entry address:
0xFC41

Entry point:
FF, 56, 3B, C3, 0F, 87, 37, 02, 00, 00, 72, 0C, 81, F9, 08, 04, 00, 00, 0F, 87, 29, 02, 00, 00, 8B, 47, 10, 3B, C3, 7C, 05, 83, F8, 0B, 7E, 46, 99, 6A, 0C, 59, F7, F9, 8B, CA, 99, 01, 45, D0, 89, 4F, 10, 11, 55, D4, 3B, CB, 7D, 0E, 83, C1, 0C, 83, 45, D0, FF, 89, 4F, 10, 83, 55, D4, FF, 8B, 4D, D0, 8B, 45, D4, 83, C1, BB, 83, D0, FF, 3B, C3, 0F, 87, E5, 01, 00, 00, 72, 0C, 81, F9, 08, 04, 00, 00, 0F, 87, D7, 01, 00, 00, 8B, 77, 10, 8B, 04, B5, 9C, 47, 42, 00, 53, 6A, 04, FF, 75, D4, 99, FF, 75, D0, 89, 45...
 

Entropy:
6.3798

Code size:
109.5 KB (112,128 bytes)

The file 75.exe has been seen being distributed by the following URL.
