91478.exe

Blue Box Sun

GFI Software (Florida) Inc.

The executable 91478.exe has been detected as malware by 31 anti-virus scanners.
Publisher:
GFI Software (Florida) Inc.  (signed and verified)

Product:
Blue Box Sun

Version:
4.04.0008

MD5:
f7409740814492f84bdf49aed54ccce3

SHA-1:
3f2db1acb6589b3c359a30127c95e9e9bb3b34a9

SHA-256:
d582a176f6c9a0ccb64356b43691e5f50d4bd14f2fcf101e3f05bd0cbb52a6f5

Scanner detections:
31 / 68

Status:
Malware

Analysis date:
4/19/2024 2:34:20 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Trojan.Generic.12500492 | 365 |
| Agnitum Outpost | Trojan.Boaxxe | 7.1.1 |
| AhnLab V3 Security | Trojan/Win32.MDA | 2015.05.03 |
| avast! | Win32:Trojan-gen | 2014.9-160204 |
| AVG | Dropper.Generic9 | 2017.0.2843 |
| Baidu Antivirus | Trojan.Win32.VBKryjetor | 4.0.3.1624 |
| Bitdefender | Trojan.Generic.12500492 | 1.0.20.175 |
| Clam AntiVirus | Win.Trojan.Generickd-1869 | 0.98/21511 |
| Dr.Web | Trojan.Siggen6.23087 | 9.0.1.035 |
| Emsisoft Anti-Malware | Trojan.Generic.12500492 | 8.16.02.04.04 |
| ESET NOD32 | Win32/Boaxxe.BR | 10.11566 |
| Fortinet FortiGate | W32/Boaxxe.BR!tr | 2/4/2016 |
| F-Secure | Trojan.Generic.12500492 | 11.2016-04-02_5 |
| G Data | Trojan.Generic.12500492 | 16.2.25 |
| IKARUS anti.virus | Trojan.Win32.Boaxxe | t3scan.1.8.9.0 |
| K7 AntiVirus | Trojan | 13.203.15784 |
| Kaspersky | Trojan.Win32.VBKryjetor | 14.0.0.712 |
| McAfee | GenericATG-FBAS!F74097408144 | 5600.6499 |
| Microsoft Security Essentials | Trojan:Win32/Miuref.A | 1.1.11602.0 |
| MicroWorld eScan | Trojan.Generic.12500492 | 17.0.0.105 |
| NANO AntiVirus | Trojan.Win32.Siggen6.dlylpg | 0.30.24.1357 |
| Norman | Boaxxe.LVJ | 11.20160204 |
| nProtect | Trojan.Generic.12500492 | 15.04.30.01 |
| Panda Antivirus | Trj/Genetic.gen | 16.02.04.04 |
| Qihoo 360 Security | Win32/Trojan.Dropper.f18 | 1.0.0.1015 |
| Quick Heal | Trojan.Miuref.r3 | 2.16.14.00 |
| Sophos | Mal/Generic-S | 4.98 |
| Total Defense | Win32/Miure.KXZeXSD | 37.1.62.1 |
| Trend Micro House Call | TROJ_GEN.F0C2C00AH15 | 7.2.35 |
| Trend Micro | TROJ_GEN.F0C2C00AH15 | 10.465.04 |
| VIPRE Antivirus | Trojan.Win32.Generic | 39886 |

File size:
201.9 KB (206,728 bytes)

Product version:
4.04.0008

Copyright:
Blue Box Sun

Trademarks:
Blue Box Sun

Original file name:
Bluesun.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\windows\temp\91478.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
1/26/2012 7:00:00 AM

Valid to:
1/26/2015 6:59:59 AM

Subject:
CN=GFI Software (Florida) Inc., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=GFI Software (Florida) Inc., L=Clearwater, S=Florida, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
54323DBF4B8E5CFDD565697A3B7EBDDA

File PE Metadata
Compilation timestamp:
12/5/2014 10:01:07 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:IfLnWLfcIW+k8n2BFk++pVv8eVIttwieqqkG6:ITngUIW+iB1cJVetw8qy

Entry address:
0x11F0

Entry point:
68, 84, DA, 40, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 09, 44, 66, E8, 75, F7, 82, 45, 95, 63, B8, AA, 35, 39, 29, A8, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, F0, 02, 83, 00, 00, 00, 52, 61, 75, 73, 6B, 72, 61, 62, 62, 65, 6C, 74, 65, 73, 74, 00, 00, 00, 00, 00, FF, CC, 31, 00, 05, F9, A5, 62, 3F, 1B, 25, A5, 45, 84, 83, 10, 35, 6D, FA, 4E, 62, 34, 4F, 78, 05, 1A, 2B, 5C, 4C, 94, D1, B2, F6, 20, E3, 8E, AF, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
180 KB (184,320 bytes)
