» aaflfa;l.exe
Overview
Analysis
File Details

aaflfa;l.exe

Mozilla Firefox

The executable aaflfa;l.exe has been detected as malware by 32 anti-virus scanners.

File name:

aaflfa;l.exe

Publisher:

Mozilla Firefox

Product:

Mozilla Firefox

Version:

211.452.0544

MD5:

a6aede6f0af0afa0593bfbc5d64e277a

SHA-1:

14a96afefde7e5bc8e67a6d01275aee9aabdf95b

SHA-256:

afc286f5d85cc0c522c805862ea3ddeee591c6a84502ef9c8636a006a6ca8ae0

Scanner detections:

32 / 68

Status:

Malware

Analysis date:

4/25/2024 3:30:29 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Trojan.Heur.VP.HD0aaqSN8ldi

583

Agnitum Outpost

Backdoor.DarkKomet

7.1.1

Avira AntiVirus

TR/VB.Inject.UG.1011

8.3.1.6

Arcabit

Trojan.Heur.VP.HD0aaqSN8ldi

1.0.0.425

avast!

Win32:Malware-gen

2014.9-150701

AVG

Inject2

2016.0.3061

Baidu Antivirus

Backdoor.Win32.DarkKomet

4.0.3.1571

Bitdefender

Gen:Trojan.Heur.VP.HD0aaqSN8ldi

1.0.20.910

Comodo Security

UnclassifiedMalware

22638

Dr.Web

Trojan.MulDrop3.38360

9.0.1.0182

Emsisoft Anti-Malware

Gen:Trojan.Heur.VP.HD0aaqSN8ldi

8.15.07.01.09

ESET NOD32

Win32/Injector.LNZ (variant)

9.11874

Fortinet FortiGate

W32/Injector.JHB!tr

7/1/2015

F-Secure

Gen:Trojan.Heur.VP.HD0aaqSN8ldi

11.2015-01-07_4

G Data

Gen:Trojan.Heur.VP.HD0aaqSN8ldi

15.7.25

IKARUS anti.virus

Trojan.Inject2

t3scan.1.9.5.0

K7 AntiVirus

Trojan

13.205.16429

Kaspersky

Backdoor.Win32.DarkKomet

14.0.0.1800

Malwarebytes

Spyware.Password

v2015.07.01.09

McAfee

Artemis!A6AEDE6F0AF0

5600.6717

Microsoft Security Essentials

VirTool:Win32/VBInject.UG

1.1.11804.0

MicroWorld eScan

Gen:Trojan.Heur.VP.HD0aaqSN8ldi

16.0.0.546

NANO AntiVirus

Trojan.Win32.MulDrop3.crggld

0.30.24.2320

Panda Antivirus

Trj/CI.A

15.07.01.09

Qihoo 360 Security

Win32/Trojan.022

1.0.0.1015

Rising Antivirus

PE:Trojan.Win32.Generic.164145EF!373376495

23.00.65.15629

Sophos

Mal/Generic-S

4.98

Total Defense

Win32/Inject.cTQUKGB

37.1.62.1

Trend Micro

TROJ_GEN.R06AC0EG115

10.465.01

Vba32 AntiVirus

Malware-Cryptor.VB.Sazeka

3.12.26.4

VIPRE Antivirus

Trojan.Win32.Generic

41624

Zillya! Antivirus

Backdoor.DarkKomet.Win32.18492

2.0.0.2262

File size:

1.5 MB (1,595,269 bytes)

Product version:

211.452.0544

Mozilla Firefox

Trademarks:

Mozilla Firefox

Original file name:

Max.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

File PE Metadata

Compilation timestamp:

12/15/2013 12:08:04 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

49152:y3Q2UFDjr7KLn4XG6qgzmNIxg3vAy5UQuZbPCeORYlN/dkciuXuPCQHokn5aphbQ:b2UFb7KL4XGdgzmNV/

Entry address:

0x8E1D6

Entry point:

60, BE, 8F, 17, 40, 00, 8D, BE, EB, AF, FF, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 61, EB, 16, 0E, 91, DB, 2F, 3D, 33, 59, 7D, BB, 2B, 34, FC, D0, 8B, C9, D6, E8, 1F, 2B, 78, DA, 55, 90, 90, 50, 51, 74, 05, 83, C8, 09, EB, 02, 31, C0, F9, 1B, C9, EB, 0C, 40, 48, 40, 48, 8D, 5B, 00, EB, 01, E8, 33, C9, 85, C9, 40, 48, 40, 48, 8D, 5B, 00, EB, 01, E8, E3, 05, EB, 01, E9, EB, E1, 59, 85, C0, 58, EB, 01, E8, BA, 00, 00, 00, 00, EB, 0E, 14, 43, 11, 55, 30, 03... 
[+]

Entropy:

7.8504 (probably packed)

Code size:

2 MB (2,072,576 bytes)

Remove aaflfa;l.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.