ajfda;fo.exe

Project1

Company

The executable ajfda;fo.exe has been detected as malware by 35 anti-virus scanners. This backdoor trojan may be used to conduct distributed denial-of-service attacks or to install additional trojans or other forms of malicious software, and it can also steal your sensitive information.
Publisher:
Company

Product:
Project1

Version:
1.00

MD5:
cdacb6ee37d11d87a04aeb9f55c58ea1

SHA-1:
973700a08bf5c29dae583ad7534a5c6bf8b10190

SHA-256:
5c776779d9f4207d06dbafce1929bea6683da515e065c0a35b5d9306d9ef8b58

Scanner detections:
35 / 68

Status:
Malware

Explanation:
The software contains keystroke monitoring/logging capabilities which may or may not be installed without the user's knowledge.

Analysis date:
4/19/2024 5:50:02 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Symmi.37098 | 583 |
| Agnitum Outpost | Trojan.Zusy | 7.1.1 |
| AhnLab V3 Security | Trojan/Win32.Generic | 2015.07.02 |
| Avira AntiVirus | TR/Dropper.Gen | 8.3.1.6 |
| Arcabit | Trojan.Symmi.D90EA | 1.0.0.425 |
| avast! | Win32:Malware-gen | 2014.9-150701 |
| AVG | Generic35 | 2016.0.3061 |
| Baidu Antivirus | Trojan.Win32.Xtrat | 4.0.3.1571 |
| Bitdefender | Gen:Variant.Symmi.37098 | 1.0.20.910 |
| Bkav FE | HW32.Packed | 1.3.0.6979 |
| Comodo Security | UnclassifiedMalware | 22638 |
| Dr.Web | Trojan.Packed.25276 | 9.0.1.0182 |
| Emsisoft Anti-Malware | Trojan.Win32.Xtrat | 8.15.07.01.09 |
| ESET NOD32 | MSIL/Spy.Keylogger.LD | 9.11874 |
| Fortinet FortiGate | W32/Injector.ADYQ!tr | 7/1/2015 |
| F-Secure | Gen:Variant.Symmi.37098 | 11.2015-01-07_4 |
| G Data | Gen:Variant.Symmi.37098 | 15.7.25 |
| IKARUS anti.virus | Trojan.Win32.Xtrat | t3scan.1.9.5.0 |
| K7 AntiVirus | Trojan | 13.205.16429 |
| Kaspersky | Trojan.Win32.Xtrat | 14.0.0.1800 |
| Malwarebytes | Trojan.VBAgent | v2015.07.01.09 |
| McAfee | Artemis!CDACB6EE37D1 | 5600.6717 |
| Microsoft Security Essentials | Backdoor:MSIL/Bladabindi.AL | 1.1.11804.0 |
| MicroWorld eScan | Gen:Variant.Symmi.37098 | 16.0.0.546 |
| NANO AntiVirus | Trojan.Win32.Xtrat.ctzhwz | 0.30.24.2320 |
| Panda Antivirus | Trj/CI.A | 15.07.01.09 |
| Qihoo 360 Security | Win32/Trojan.f16 | 1.0.0.1015 |
| Quick Heal | Worm.Gamarue.I3 | 7.15.14.00 |
| Rising Antivirus | PE:Trojan.Win32.Generic.164168F2!373385458 | 23.00.65.15629 |
| Sophos | Troj/VB-GZB | 4.98 |
| Trend Micro House Call | TROJ_SPNR.15C514 | 7.2.182 |
| Trend Micro | TROJ_SPNR.15C514 | 10.465.01 |
| Vba32 AntiVirus | Trojan.Xtrat | 3.12.26.4 |
| VIPRE Antivirus | Trojan.Win32.Generic | 41624 |
| Zillya! Antivirus | Trojan.Xtrat.Win32.477 | 2.0.0.2262 |

File size:
324.2 KB (332,026 bytes)

Product version:
1.00

Original file name:
GPBG.exe

File type:
Executable application (Win32 EXE)

Language:
Spanish (Spain, International Sort)

File PE Metadata
Compilation timestamp:
12/25/2013 7:46:32 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:HXaQZkuMW5s9k3qzZKZHFTDBX0D6dhWyEUgSu6O2K2OoUlR6lt1+dSKNPTiXCc:KQuuMas9NKZHV10DSpbgSu6O2K2OoUlG

Entry address:
0x15B0

Entry point:
68, 54, 16, 40, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 5D, 96, 70, 47, 9D, 4D, 87, 40, 81, 66, B6, 79, 5F, 97, E6, 37, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 0E, 41, 64, 6F, 62, 65, 50, 72, 6F, 6A, 65, 63, 74, 31, 00, 00, 84, 00, 06, 04, 04, 04, 00, 00, 00, 00, 07, 00, 00, 00, 44, 4F, 40, 00, 07, 00, 00, 00, 98, 48, 40, 00, 06, 00, 00, 00, 3C, 45, 40, 00, 01, 00, 04, 00, 70, 3F, 40, 00, 00, 00, 00, 00, FF, FF, FF, FF, FF, FF, FF, FF, 00, 00, 00, 00...
 

Entropy:
7.5738

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
216 KB (221,184 bytes)
