» 7e462fba-2583-9ed6-e679-f57859a5e328.exe
Overview
Analysis
File Details

7e462fba-2583-9ed6-e679-f57859a5e328.exe

The application 7e462fba-2583-9ed6-e679-f57859a5e328.exe has been detected as a potentially unwanted program by 19 anti-malware scanners.

File name:

MD5:

579d8322410400b64d1e8c850bbb1157

SHA-1:

36c3e1336803d2b1436983bae8e4874574336c94

SHA-256:

1ffdaa082711c47481a96e9f09717d327e44ca485c79b37cc59d06172c6fa9ec

Scanner detections:

19 / 68

Status:

Potentially unwanted

Analysis date:

4/24/2024 7:19:27 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Adware.AddLyrics.34

707

Agnitum Outpost

PUA.AddLyrics

7.1.1

Avira AntiVirus

Adware/AddLyrics.455168.10

7.11.212.246

avast!

Win32:Dropper-gen [Drp]

2014.9-150227

AVG

AddLyrics_r

2016.0.3185

Baidu Antivirus

Adware.Win32.AddLyrics

4.0.3.15227

Bitdefender

Gen:Variant.Adware.AddLyrics.34

1.0.20.290

Dr.Web

Trojan.Revizer.478

9.0.1.060

Emsisoft Anti-Malware

Gen:Variant.Adware.AddLyrics.34

8.15.02.27.09

ESET NOD32

Win32/Adware.AddLyrics.DQ (variant)

9.11221

F-Secure

Gen:Variant.Graftor.176781

11.2015-27-02_6

G Data

Gen:Variant.Adware.AddLyrics.34

15.2.25

Kaspersky

not-a-virus:AdWare.Win32.AddLyrics

14.0.0.2415

MicroWorld eScan

Gen:Variant.Adware.AddLyrics.34

16.0.0.174

NANO AntiVirus

Riskware.Win32.AddLyrics.dobuez

0.30.0.296

Panda Antivirus

Trj/Genetic.gen

15.02.27.09

Qihoo 360 Security

Win32/Virus.Adware.24b

1.0.0.1015

Reason Heuristics

Threat.Win.Reputation.IMP

15.3.1.1

Sophos

Generic PUA HI

4.98

File size:

444.5 KB (455,168 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\appdata\local\temp\7e462fba-2583-9ed6-e679-f57859a5e328.exe

File PE Metadata

Compilation timestamp:

2/23/2015 3:07:04 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

6144:7mUCar/r8my33he66BZGGNnr+dIglyWX+Q81i0PYdXn//8yrd+ibX:5Car/wdHzEzRr+dI9WXio0wZ8b0X

Entry address:

0x35D19

Entry point:

E8, AE, 85, 00, 00, E9, 7F, FE, FF, FF, 6A, 14, 68, 20, 49, 45, 00, E8, D1, 32, 00, 00, 8B, 75, 08, 8B, DE, 89, 75, E4, 85, F6, 75, 19, 39, 75, 0C, 74, 14, E8, 2F, 10, 00, 00, C7, 00, 16, 00, 00, 00, E8, B5, 0F, 00, 00, 33, C0, EB, 77, 33, C0, 39, 45, 0C, 0F, 9D, C0, 85, C0, 74, E0, 33, C0, 8B, 7D, 10, 85, FF, 0F, 95, C0, 85, C0, 74, D2, 83, 7D, 0C, 00, 74, DC, 89, 7D, 08, 57, E8, 10, 3B, 00, 00, 59, 83, 65, FC, 00, 85, F6, 74, 37, FF, 4D, 0C, 74, 2D, 57, E8, 7D, 86, 00, 00, 59, 0F, B7, C0, 89, 45, E0, 3D... 
[+]

Entropy:

6.3776

Code size:

297.5 KB (304,640 bytes)

Remove 7e462fba-2583-9ed6-e679-f57859a5e328.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.