alawar_keyfilemaker.exe

The executable alawar_keyfilemaker.exe has been detected as malware by 16 anti-virus scanners.
MD5:
4bbf532dbed9b131ca83bec544bd0b8b

SHA-1:
676e2ded2b048a7f322d10b4f845cf9d305f292d

SHA-256:
358d3f6b885bca20ad60cf6f0c077fa0add49d5da8ebbfa48dff05bde91358b5

Scanner detections:
16 / 68

Status:
Malware

Analysis date:
4/25/2024 7:19:02 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Trojan.Generic.11726443 | 799 |
| Avira AntiVirus | TR/Crypt.XPACK.Gen | 7.11.179.120 |
| avast! | Win32:Malware-gen | 2014.9-141128 |
| Bitdefender | Trojan.Generic.11726443 | 1.0.20.1660 |
| Emsisoft Anti-Malware | Trojan.Generic.11726443 | 8.14.11.28.12 |
| F-Secure | Trojan.Generic.11726443 | 11.2014-28-11_6 |
| G Data | Trojan.Generic.11726443 | 14.11.24 |
| IKARUS anti.virus | Trojan.Crypt | t3scan.1.7.8.0 |
| McAfee | Artemis!4BBF532DBED9 | 5600.6933 |
| MicroWorld eScan | Trojan.Generic.11726443 | 15.0.0.996 |
| nProtect | Trojan.Generic.11726443 | 14.10.17.01 |
| Qihoo 360 Security | HEUR/Malware.QVM19.Gen | 1.0.0.1015 |
| Rising Antivirus | PE:Trojan.Win32.Generic.175AB901!391821569 | 23.00.65.141126 |
| Trend Micro House Call | Mal_DRPR-3 | 7.2.332 |
| Trend Micro | Mal_DRPR-3 | 10.465.28 |
| VIPRE Antivirus | Trojan.Win32.Generic | 34054 |

File size:
30.5 KB (31,232 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\alena\alawar_keyfilemaker.exe

File PE Metadata
Compilation timestamp:
8/23/2014 8:07:09 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.12

CTPH (ssdeep):
768:8t2OWn+w5eRgMsxr6GhjAlRVfxiatF+X4gCE4B5:8tO+wAwvhjAjVfN7+X4gCE4L

Entry address:
0x417D

Entry point:
6A, 00, E8, 00, 15, 00, 00, A3, 70, 57, 40, 00, 6A, 00, 68, AE, 41, 40, 00, 6A, 00, 68, 5A, 25, 40, 00, FF, 35, 70, 57, 40, 00, E8, 04, 14, 00, 00, E8, 6D, 15, 00, 00, 6A, 00, E8, C4, 14, 00, 00, 55, 8B, EC, 81, C4, F8, FE, FF, FF, 81, 7D, 0C, 10, 01, 00, 00, 0F, 85, 9D, 00, 00, 00, FF, 75, 08, 8F, 05, 74, 57, 40, 00, 68, DB, 07, 00, 00, FF, 35, 70, 57, 40, 00, E8, 29, 14, 00, 00, 50, 6A, 01, 68, 80, 00, 00, 00, FF, 75, 08, E8, 3D, 14, 00, 00, 6A, 04, E8, 6A, 13, 00, 00, A3, DC, 79, 40, 00, 68, 00, 00, FF...
 

Packer / compiler:
TASM / MASM

Code size:
26.5 KB (27,136 bytes)
