adf.exe

The executable adf.exe has been detected as malware by 10 anti-virus scanners. The file has been seen being downloaded from download2154.mediafire.com and multiple other hosts.
MD5:
0ccad9b34b64040aafbf9aede348b9c4

SHA-1:
5f34cd7447754c96260a97719794d9e59397afa4

SHA-256:
dbe33e9c62458c7adc9a702b903f47f1db0f1336520b87f5a88d902e07b50cde

Scanner detections:
10 / 68

Status:
Malware

Explanation:
The software cotains keystroke monitoring/logging capablities which may or may not be installed without the user's knowledge.

Analysis date:
1/19/2022 7:02:04 AM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
TR/Patched.Ren.Gen
7.11.146.218

AVG
Patched_c
2015.0.3380

Clam AntiVirus
Win.Trojan.6310639
0.98/18355

Comodo Security
UnclassifiedMalware
18202

Dr.Web
Tool.AntiAV.6
9.0.1.0228

IKARUS anti.virus
Trojan.Patched_c
t3scan.1.6.1.0

McAfee
Artemis!0CCAD9B34B64
5600.7036

Norman
Suspicious_Gen4.CHFXV
11.20140816

VIPRE Antivirus
Trojan.Win32.Generic
28778

Zillya! Antivirus
Trojan.Keylogger.Win32.14339
2.0.0.1775

File size:
671.5 KB (687,616 bytes)

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
6/20/1992 1:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:1beoCDyJ+1GneUMGdJFDWupAfEesc1AJcymvIDv:9VbJ+1cciAfBAJkvI

Entry address:
0x6150C

Entry point:
55, 8B, EC, 83, C4, F0, B8, 04, 13, 46, 00, E8, 54, 47, FA, FF, A1, 40, 31, 46, 00, 8B, 00, E8, 00, AF, FF, FF, A1, 40, 31, 46, 00, 8B, 00, BA, 6C, 15, 46, 00, E8, FF, AA, FF, FF, 8B, 0D, 30, 32, 46, 00, A1, 40, 31, 46, 00, 8B, 00, 8B, 15, 30, F9, 45, 00, E8, EF, AE, FF, FF, A1, 40, 31, 46, 00, 8B, 00, E8, 63, AF, FF, FF, E8, 0A, 28, FA, FF, 00, 00, FF, FF, FF, FF, 10, 00, 00, 00, 41, 6E, 74, 69, 20, 44, 65, 65, 70, 20, 46, 72, 65, 65, 7A, 65, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.4344

Developed / compiled with:
Microsoft Visual C++

Code size:
385.5 KB (394,752 bytes)

The file adf.exe has been seen being distributed by the following 27 URLs.

http://download2154.mediafire.com/2jv4yfw37p4g/.../ADF.exe

http://download2154.mediafire.com/j3uzdud5bnug/.../ADF.exe

http://download757.mediafire.com/0xd9ks1e0dig/.../ADF.exe

http://download765.mediafire.com/uoxvxc53oqzg/.../ADF.exe

http://download2154.mediafire.com/acy5q7p6b6qg/.../ADF.exe

http://download757.mediafire.com/j5derdrdtd6g/.../ADF.exe

http://download2154.mediafire.com/63aghakokhhg/.../ADF.exe

http://download757.mediafire.com/dccsoil8n2qg/.../ADF.exe

http://download2154.mediafire.com/140g18qc2o7g/.../ADF.exe

http://download1363.mediafire.com/esm7bxkuxt6g/.../ADF.exe

http://download757.mediafire.com/d8b1fxgu0gfg/.../ADF.exe

http://download2154.mediafire.com/xabmt9s09jmg/.../ADF.exe

http://download1363.mediafire.com/5tv480c8mdkg/.../ADF.exe

http://download1363.mediafire.com/sikh4e5bhfyg/.../ADF.exe

http://download2154.mediafire.com/sc1sxtg7d8fg/.../ADF.exe

Remove adf.exe - Powered by Reason Core Security