» ajehhhefsf.exe
Overview
Analysis
File Details
Downloads (1)

ajehhhefsf.exe

The application ajehhhefsf.exe has been detected as a potentially unwanted program by 27 anti-malware scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from s3-ap-northeast-1.amazonaws.com.

File name:

ajehhhefsf.exe

MD5:

dace63edee18b0e9dfe6f78bf1a11047

SHA-1:

4ae95d8c45f85b161d2e1abc19f31e1dda68d518

SHA-256:

583cc0d2ad9c99240bf51566dcaa862329c5329f9823992eebb1a82b7d906b0b

Scanner detections:

27 / 68

Status:

Potentially unwanted

Analysis date:

5/7/2024 2:23:57 PM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

Trojan.Neurevt

7.1.1

avast!

Win32:Malware-gen

2014.9-151215

AVG

Win32/Heim

2016.0.2895

Clam AntiVirus

Win.Adware.Softpulse-223

0.98/21511

Comodo Security

UnclassifiedMalware

23602

Dr.Web

Trojan.DownLoader17.22793

9.0.1.0349

ESET NOD32

Win32/Neurevt

9.12574

Fortinet FortiGate

W32/Agent.BJPUAR!tr

12/15/2015

F-Secure

Trojan.GenericKD.2816416

11.2015-15-12_3

G Data

Win32.Trojan.Agent.WHEGS3

15.12.25

IKARUS anti.virus

Trojan.Win32.Neurevt

t3scan.1.9.5.0

K7 AntiVirus

Trojan

13.212.17866

Kaspersky

Trojan-Dropper.Win32.Agent.bjpuar

14.0.0.970

Malwarebytes

Trojan.Injector.VB

v2015.12.15.01

McAfee

Artemis!DACE63EDEE18

5600.6551

Microsoft Security Essentials

Trojan:Win32/Dynamer!ac

1.1.12205.0

MicroWorld eScan

Trojan.GenericKD.2816416

16.0.0.1047

NANO AntiVirus

Trojan.Win32.Agent.dyegef

0.30.26.4437

Panda Antivirus

Trj/CI.A

15.12.15.01

Qihoo 360 Security

HEUR/QVM41.1.Malware.Gen

1.0.0.1077

Quick Heal

TrojanDropper.Agent.r4

12.15.14.00

Rising Antivirus

PE:Malware.Generic/QRS!1.9E2D [F]

23.00.65.151213

Sophos

Mal/Generic-S

4.98

Vba32 AntiVirus

Trojan.Scar

3.12.26.4

VIPRE Antivirus

Trojan.Win32.Generic

45236

ViRobot

Trojan.Win32.Z.Neurevt.21866997[h]

2014.3.20.0

Zillya! Antivirus

Dropper.Autoit.Win32.2702

2.0.0.2512

File size:

20.9 MB (21,866,997 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\appdata\roaming\ajehhhefsf.exe

File PE Metadata

Compilation timestamp:

8/27/2014 9:40:54 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

393216:/QiPfhVysItpWio0EubNPBYLnzHyFEVm2xhiPYqjEsTS4E6sZ:7PusIa3g3GnfVm2x4PDhc

Entry address:

0x1D62B

Entry point:

E8, 5C, 64, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 56, 8D, 45, 08, 50, 8B, F1, E8, 7A, FC, FF, FF, C7, 06, 20, B2, 42, 00, 8B, C6, 5E, 5D, C2, 04, 00, C7, 01, 20, B2, 42, 00, E9, 2F, FD, FF, FF, 8B, FF, 55, 8B, EC, 56, 8B, F1, C7, 06, 20, B2, 42, 00, E8, 1C, FD, FF, FF, F6, 45, 08, 01, 74, 07, 56, E8, 86, C9, FF, FF, 59, 8B, C6, 5E, 5D, C2, 04, 00, 8B, FF, 55, 8B, EC, 56, 57, 8B, 7D, 08, 8B, 47, 04, 85, C0, 74, 47, 8D, 50, 08, 80, 3A, 00, 74, 3F, 8B, 75, 0C, 8B, 4E, 04, 3B, C1, 74, 14, 83, C1, 08... 
[+]

Entropy:

7.9991 (probably packed)

Code size:

162 KB (165,888 bytes)

The file ajehhhefsf.exe has been seen being distributed by the following URL.

http://s3-ap-northeast-1.amazonaws.com/.../last.exe

Remove ajehhhefsf.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.