» a347972152d94c1d820f87979fe241eb_0.npb
Overview
Analysis
File Details

a347972152d94c1d820f87979fe241eb_0.npb

D.A.E$R

D.A &8a#d*@#n+)+a!@r@#%e

The file a347972152d94c1d820f87979fe241eb_0.npb has been detected as malware by 42 anti-virus scanners.

File name:

Publisher:

D.A &8a#d*@#n+)+a!@r@#%e

Product:

D.A.E$R

Version:

1.00

MD5:

a347972152d94c1d820f87979fe241eb

SHA-1:

6e54cf77f3f4c366ff3feaf165819f5ea8bf130d

SHA-256:

3dac5591af232e78b0122f2f58cc19d98c063d047b3b29ccf1e20fb6c5fb298e

Scanner detections:

42 / 68

Status:

Malware

Analysis date:

4/19/2024 9:13:51 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Trojan.FirewallBypass.fuW@aqPJ0jii

741

Agnitum Outpost

Trojan.Agent2

7.1.1

AhnLab V3 Security

Trojan/Win32.Adrena

15.01.25

Avira AntiVirus

TR/Spy.Gen

7.11.30.172

avast!

VB-AIDN [Trj]

2014.9-150125

AVG

Trojan horse Agent.7.T

2016.0.3219

Baidu Antivirus

Trojan.Win32.Agent

4.0.3.15125

Bitdefender

Gen:Trojan.FirewallBypass.fuW@aqPJ0jii

1.0.20.125

Bkav FE

W32.OnGamesLT031012KGHV.Trojan

1.3.0.4959

Clam AntiVirus

BC.Heuristic.Trojan.SusPacked.BF-6.A

0.98/19825

Comodo Security

TrojWare.Win32.Comrerop.A

18240

Dr.Web

Trojan.Siggen3.12086

9.0.1.025

Emsisoft Anti-Malware

Dropped:Generic.Malware.SFYd.37B2C91F

8.15.01.25.01

ESET NOD32

Win32/Comrerop.C trojan

9.7.0.302.0

Fortinet FortiGate

W32/Comrerop.AX!tr

1/25/2015

F-Prot

W32/Trojan2.OHGU

v6.4.6.5.141

F-Secure

Dropped:Generic.Malware.SFYd.37B2C91F

11.2015-25-01_1

G Data

Gen:Trojan.FirewallBypass.fuW@aqPJ0jii

15.1.24

IKARUS anti.virus

Trojan.Win32.Agent

t3scan.1.6.1.0

K7 AntiVirus

EmailWorm

13.177.12026

Kaspersky

Worm.Win32.AutoRun

14.0.0.2590

Malwarebytes

Trojan.Downloader

v2015.01.25.01

McAfee

Trojan.Trojan-FEXI!12C73D7AAE63

5600.6875

Microsoft Security Essentials

Virus:Win32/Capsfin.A

1.10502

MicroWorld eScan

Gen:Trojan.FirewallBypass.fuW@aqPJ0jii

16.0.0.75

NANO AntiVirus

Trojan.Win32.Autorunner.bemdrp

0.28.0.59608

Norman

Dropped:Generic.Malware.SFYd.37B2C91F

11.20150125

nProtect

Trojan/W32.Agent.87552.KF

14.05.08.01

Panda Antivirus

Trj/Zlob.KH

15.01.25.01

Qihoo 360 Security

Win32/Trojan.Agent.525

1.0.0.1015

Quick Heal

Trojan.Comrerop.A5

1.15.14.00

Reason Heuristics

Threat.Win.Reputation.IMP

15.1.25.1

Rising Antivirus

PE:Trojan.Win32.Generic.12816EFB!310472443

23.00.65.15123

Sophos

Virus 'W32/Capsfin-A'

SUPERAntiSpyware

Trojan.Agent/Gen-Comisproc

10095

Total Defense

Win32/Capsfin.A

37.0.10925

Trend Micro House Call

TROJ_COMREROP.AG

7.2.25

Trend Micro

TROJ_COMREROP.AG

10.465.25

Vba32 AntiVirus

Trojan.Agent2

3.12.26.0

VIPRE Antivirus

BehavesLike.Win32.Malware.bsf (vs)

29014

ViRobot

Trojan.Win32.Agent.88064.AS

2011.4.7.4223

Zillya! Antivirus

Trojan.Agent2.Win32.8612

2.0.0.1783

File size:

248 KB (253,952 bytes)

Product version:

1.00

2010

Original file name:

qw4hd-dqcrg-hm64m-6gjrk-8k83t.exe

Language:

English (United States)

Common path:

C:\ProgramData\application data\net protector\npbkpn\a347972152d94c1d820f87979fe241eb_0.npb

File PE Metadata

Compilation timestamp:

1/1/2006 3:22:11 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

3072:OTJK5mLNraJKdN2iPf2J7dqs70hhRcuGWwSy1bY98Nj/AiIrpJv5u74uHDv:OTJ2JEF22hv/y7/ATg7

Entry address:

0x227C8

Entry point:

E8, 06, 2F, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 56, 6A, 01, 68, 4B, CE, 42, 00, 8B, F1, E8, D9, 2F, 00, 00, C7, 06, F3, A2, 42, 00, 8B, C6, 5E, C3, C7, 01, F3, A2, 42, 00, E9, 3E, 30, 00, 00, 8B, FF, 55, 8B, EC, 56, 8B, F1, C7, 06, F3, A2, 42, 00, E8, 2B, 30, 00, 00, F6, 45, 08, 01, 74, 07, 56, E8, 8A, 00, 00, 00, 59, 8B, C6, 5E, 5D, C2, 04, 00, 8B, FF, 55, 8B, EC, 56, FF, 75, 08, 8B, F1, E8, AA, 2F, 00, 00, C7, 06, F3, A2, 42, 00, 8B, C6, 5E, 5D, C2, 04, 00, 8B, FF, 55, 8B, EC, 83, EC, 0C, EB, 0D, FF, 75... 
[+]

Entropy:

5.7373

Code size:

44 KB (45,056 bytes)

Remove a347972152d94c1d820f87979fe241eb_0.npb - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.