abexcm1-voiees.exex

learn2crack

The file abexcm1-voiees.exex, “abex' 1st crackme”, has been detected as malware by 10 anti-virus scanners. The file has been seen being downloaded from keybreak.tistory.com.

Publisher:
learn2crack

Description:
abex' 1st crackme

Version:
1.00

MD5:
7b5ad4de107a51b3521f460f2a8c3940

SHA-1:
7d7e1656c79f19c6eb6b74d01be1d56da6a9a38c

SHA-256:
2581e882619b104a52843876fa8f5b42d2585d8ff6f7fb336eee98f617d0802a

Scanner detections:
10 / 68

Status:
Malware

Analysis date:
4/27/2024 1:32:00 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Avira AntiVirus | TR/Agent.xlz.3 | 7.11.144.64 |
| Bkav FE | W32.Clodbec.Trojan | 1.3.0.4959 |
| Comodo Security | Heur.Packed.Unknown | 18128 |
| IKARUS anti.virus | Trojan.SuspectCRC | t3scan.1.6.1.0 |
| McAfee | Artemis!7B5AD4DE107A | 5600.7151 |
| Norman | Suspicious_Gen4.USSI | 11.20140423 |
| Rising Antivirus | PE:Trojan.Win32.Generic.152FB710!355448592 | 23.00.65.14421 |
| Trend Micro House Call | TROJ_SPNR.08A412 | 7.2.113 |
| Trend Micro | TROJ_SPNR.08A412 | 10.465.23 |
| VIPRE Antivirus | Trojan.Win32.Generic | 28374 |

File size:
8 KB (8,192 bytes)

Copyright:
Copyright © abex/learn2crack 1999

Original file name:
abexcrackme1.exe

File PE Metadata
Compilation timestamp:
12/6/2050 4:47:07 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24:OEhu705yNn7GTpqAGAsABGKU4K8Eh9mwhCNjFun98Fu/H:OEP5yNR6sABAA49mwhUjF+98Fu/

Entry address:
0x1000

Entry point:
6A, 00, 68, 00, 20, 40, 00, 68, 12, 20, 40, 00, 6A, 00, E8, 4E, 00, 00, 00, 68, 94, 20, 40, 00, E8, 38, 00, 00, 00, 46, 48, EB, 00, 46, 46, 48, 3B, C6, 74, 15, 6A, 00, 68, 35, 20, 40, 00, 68, 3B, 20, 40, 00, 6A, 00, E8, 26, 00, 00, 00, EB, 13, 6A, 00, 68, 5E, 20, 40, 00, 68, 64, 20, 40, 00, 6A, 00, E8, 11, 00, 00, 00, E8, 06, 00, 00, 00, FF, 25, 50, 30, 40, 00, FF, 25, 54, 30, 40, 00, FF, 25, 5C, 30, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
Entropy:
1.0445

Developed / compiled with:
Microsoft Visual C++ v7.1

Code size:
512 Bytes (512 bytes)

The file abexcm1-voiees.exex has been seen being distributed by the following URL.

http://keybreak.tistory.com/.../cfile6.uf@125C40375092663C158264.exe
