» alert.exe
Overview
Analysis
File Details
Downloads (1)

alert.exe

Windows Alert

The executable alert.exe has been detected as malware by 17 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from hexadl.line55.net.

File name:

alert.exe

Product:

Windows Alert

Version:

1, 5, 0, 0

MD5:

3e03653504b4c034c04b6669d87fad75

SHA-1:

46cce4c409b0c35c1ef4ff9efa03f53409fc2e7c

SHA-256:

3a7bdcbb217c09b21e22f62695fa13bdccbc8e110aba9233070b899b5d8ab844

Scanner detections:

17 / 68

Status:

Malware

Analysis date:

4/24/2024 2:53:06 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.Generic.12019486

378

Baidu Antivirus

Trojan.Win32.BadJoke

4.0.3.16122

Bitdefender

Trojan.Generic.12019486

1.0.20.110

Emsisoft Anti-Malware

Trojan.Generic.12019486

8.16.01.22.01

Fortinet FortiGate

PossibleThreat.SB!tr

1/22/2016

F-Secure

Trojan.Generic.12019486

11.2016-22-01_6

G Data

Trojan.Generic.12019486

16.1.24

IKARUS anti.virus

Hoax.Win32.RegistryCleaner

t3scan.1.8.3.0

K7 AntiVirus

Riskware

13.186.14174

Kaspersky

Hoax.Win32.RegistryCleaner

14.0.0.777

McAfee

Artemis!3E03653504B4

5600.6512

MicroWorld eScan

Trojan.Generic.12019486

17.0.0.66

nProtect

Trojan.Generic.12019486

14.11.28.01

Panda Antivirus

Trj/CI.A

16.01.22.01

Trend Micro House Call

TROJ_GEN.R002C0EKQ14

7.2.22

Trend Micro

TROJ_GEN.R002C0EKQ14

10.465.22

VIPRE Antivirus

Trojan.Win32.Generic.pak!cobra

35276

File size:

74 KB (75,776 bytes)

Product version:

1, 5, 0, 0

File type:

Executable application (Win32 EXE)

Language:

English

Common path:

C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\alert.exe

File PE Metadata

Compilation timestamp:

7/22/2013 12:43:24 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

1536:Riv/NzFqFyRPCsLBPi6EczQVC3RbwSzos58Vr:RMUqFLIddzs58Vr

Entry address:

0x1D0E

Entry point:

E8, 77, 30, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, B8, F0, 40, 00, 89, 0D, B4, F0, 40, 00, 89, 15, B0, F0, 40, 00, 89, 1D, AC, F0, 40, 00, 89, 35, A8, F0, 40, 00, 89, 3D, A4, F0, 40, 00, 66, 8C, 15, D0, F0, 40, 00, 66, 8C, 0D, C4, F0, 40, 00, 66, 8C, 1D, A0, F0, 40, 00, 66, 8C, 05, 9C, F0, 40, 00, 66, 8C, 25, 98, F0, 40, 00, 66, 8C, 2D, 94, F0, 40, 00, 9C, 8F, 05, C8, F0, 40, 00, 8B, 45, 00, A3, BC, F0, 40, 00, 8B, 45, 04, A3, C0, F0, 40, 00, 8D, 45, 08, A3, CC, F0, 40... 
[+]

Code size:

38 KB (38,912 bytes)

The file alert.exe has been seen being distributed by the following URL.

http://hexadl.line55.net/alert.exe

Remove alert.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.