actuator.exe

The executable actuator.exe has been detected as malware by 14 anti-virus scanners.
MD5:
e119f12538786a79da6b2a9d59b28584

SHA-1:
9bcbe2785795348aee0ae604f43ada76df294d14

SHA-256:
df1278e130c2b49f9853e588e9e4d7c2f3ab46dc39a978f52199c704b475ad88

Scanner detections:
14 / 68

Status:
Malware

Analysis date:
4/25/2024 4:48:25 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Avira AntiVirus | TR/Agent.65536.DC | 7.11.142.180 |
| AVG | Generic17 | 2015.0.3282 |
| Baidu Antivirus | Trojan.Win32.Agent | 4.0.3.141123 |
| Bkav FE | HW32.CDB | 1.3.0.4959 |
| Comodo Security | Heur.Packed.Unknown | 18084 |
| F-Prot | W32/Heuristic-210 | v6.4.7.1.166 |
| IKARUS anti.virus | Trojan.Agent | t3scan.1.6.1.0 |
| Norman | Packed_spybot_gen6.A | 11.20141123 |
| nProtect | Trojan/W32.Packer.65536.S | 14.04.11.01 |
| Quick Heal | (Suspicious) - DNAScan | 11.14.12.00 |
| Rising Antivirus | PE:Malware.XPACK-HIE/Heur!1.9C48 | 23.00.65.141121 |
| Trend Micro House Call | TROJ_GEN.R047C0EDA14 | 7.2.327 |
| Trend Micro | TROJ_GEN.R047C0EDA14 | 10.465.23 |
| VIPRE Antivirus | Packed.Win32.Krunchy | 28194 |

File size:
64 KB (65,536 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\actuator.exe

File PE Metadata
Compilation timestamp:
10/4/2009 1:26:44 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
1536:18grln5LNzxOaWlFaZcXbe0r7svnlbpJMZecKFgM7gsNKzxoF:HLca+Bq0XsvtQjR0Kxq

Entry address:
0xEC9B

Entry point:
BD, 08, 00, 5E, 00, C7, 45, 00, 2C, 01, 5D, 00, FF, 4D, 08, C6, 45, 0C, 05, 8D, 7D, 14, 31, C0, B4, 04, 89, C1, F3, AB, BF, 42, F8, 5E, 00, 57, BE, 8C, ED, 5D, 00, 31, C9, 41, FF, 4D, 0C, 8D, 9C, 8D, A0, 00, 00, 00, FF, D6, 10, C9, 73, F3, FF, 45, 0C, 91, AA, 83, C9, FF, 8D, 5C, 8D, 18, FF, D6, 74, DD, E3, 17, 8D, 5D, 1C, FF, D6, 74, 10, 8D, 9D, A0, 08, 00, 00, E8, EC, 00, 00, 00, 8B, 45, 10, EB, 42, 8D, 9D, A0, 04, 00, 00, E8, DC, 00, 00, 00, 49, 49, 78, 40, 8D, 5D, 20, 74, 03, 83, C3, 40, 31, D2, 42, E8...
 

Packer / compiler:
kkrunchy

Code size:
72 KB (73,728 bytes)
