and.exe

The executable and.exe has been detected as malware by 32 anti-virus scanners.
MD5: 614c526e9a9755e57229a3317eadb004

SHA-1: 4d997880eb9c6bdf08edaf665e0184a82b126d37

Scanner detections: 32 / 68

Status: Malware

Analysis date: 4/27/2024 3:05:34 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Trojan.GenericKD.1731444 | 856 |
| Agnitum Outpost | Backdoor.Androm | 7.1.1 |
| AhnLab V3 Security | Dropper/Win32.Necurs | 2014.07.04 |
| Avira AntiVirus | TR/Crypt.Xpack.73358 | 7.11.158.80 |
| avast! | Win32:Downloader-VMA [Trj] | 2014.9-141002 |
| AVG | Crypt3 | 2015.0.3334 |
| Baidu Antivirus | Trojan.Win32.Injector | 4.0.3.14102 |
| Bitdefender | Trojan.GenericKD.1731444 | 1.0.20.1375 |
| Comodo Security | UnclassifiedMalware | 18753 |
| Dr.Web | BackDoor.IRC.NgrBot.449 | 9.0.1.0275 |
| Emsisoft Anti-Malware | Trojan.GenericKD.1731444 | 8.14.10.02.05 |
| ESET NOD32 | Win32/Injector.BGOY (variant) | 8.10039 |
| Fortinet FortiGate | W32/Androm.ENDZ!tr.bdr | 10/2/2014 |
| F-Secure | Trojan.GenericKD.1731444 | 11.2014-02-10_5 |
| G Data | Trojan.GenericKD.1731444 | 14.10.24 |
| IKARUS anti.virus | Trojan.Win32.Injector | t3scan.1.6.1.0 |
| K7 AntiVirus | Trojan | 13.180.12612 |
| Kaspersky | Backdoor.Win32.Androm | 14.0.0.3164 |
| McAfee | RDN/Generic BackDoor!yw | 5600.6990 |
| Microsoft Security Essentials | Worm:Win32/Gamarue.AM | 1.10701 |
| MicroWorld eScan | Trojan.GenericKD.1731444 | 15.0.0.825 |
| NANO AntiVirus | Trojan.Win32.Yakes.dbphmd | 0.28.0.60577 |
| Norman | Troj_Generic.UTHSU | 11.20141002 |
| Panda Antivirus | Trj/CI.A | 14.10.02.05 |
| Qihoo 360 Security | Win32/Backdoor.c3f | 1.0.0.1015 |
| Quick Heal | (Suspicious) - DNAScan | 6.14.14.00 |
| Rising Antivirus | PE:Trojan.Win32.Generic.16E65AC4!384195268 | 23.00.65.14930 |
| Sophos | Mal/Ransom-CR | 4.98 |
| Total Defense | Win32/Gamarue.FePEGIB | 37.0.11036 |
| Trend Micro House Call | TROJ_GEN.R0CBC0DFS14 | 7.2.275 |
| Trend Micro | TROJ_GEN.R0CBC0DFS14 | 10.465.02 |
| VIPRE Antivirus | Win32.Malware!Drop | 30918 |

File size: 139 KB (142,336 bytes)

File type: Executable application (Win32 EXE)

Common path: C:\Documents and Settings\{user}\Local settings\temporary internet files\content.ie5\{random}\and.exe

File PE Metadata

Compilation timestamp: 6/25/2014 10:02:27 AM

OS version: 5.0

OS bitness: Win32

Subsystem: Windows GUI

Linker version: 9.0

CTPH (ssdeep): 1536:i00Vhvhf4UXwZKDoZ7Fu65Q+4RrwNz6TTAEwEQ40h3B3syoXBnkIrGXCIam3m:i00VZhAl7dBc4r883B3syoXBkIrGyIFm

Entry address: 0x2FB1

Entry point: E8, A1, 74, 00, 00, E9, 1E, FE, FF, FF, CC, CC, CC, CC, CC, 80, 7A, 0E, 05, 75, 11, 66, 8B, 9D, 5C, FF, FF, FF, 80, CF, 02, 80, E7, FE, B3, 3F, EB, 04, 66, BB, 3F, 13, 66, 89, 9D, 5E, FF, FF, FF, D9, AD, 5E, FF, FF, FF, BB, 6C, 82, 41, 00, D9, E5, 89, 95, 6C, FF, FF, FF, 9B, DD, BD, 60, FF, FF, FF, C6, 85, 70, FF, FF, FF, 00, 9B, 8A, 8D, 61, FF, FF, FF, D0, E1, D0, F9, D0, C1, 8A, C1, 24, 0F, D7, 0F, BE, C0, 81, E1, 04, 04, 00, 00, 8B, DA, 03, D8, 83, C3, 10, FF, 23, 80, 7A, 0E, 05, 75, 11, 66, 8B, 9D, 5C...

Code size: 72 KB (73,728 bytes)
