» Anonymous DoSer.exe
Overview
Analysis
File Details
Downloads (5)

Anonymous DoSer.exe

Anonymous DoSer

hackforums.net

The executable Anonymous DoSer.exe has been detected as malware by 21 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from dc509.4shared.com and multiple other hosts.

File name:

Anonymous DoSer.exe

Publisher:

hackforums.net

Product:

Anonymous DoSer

Version:

1.3.0.0

MD5:

f3de219b21ab2e9e6d77049ba28df45b

SHA-1:

00f52a0e41da1c69fc229ff5388aa180b7dcd801

SHA-256:

e02f58504c9d4530df98171487e381af4098f2075e9d30ea8ef7b81170929314

Scanner detections:

21 / 68

Status:

Malware

Analysis date:

5/16/2024 1:08:35 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.Generic.7950782

986

Avira AntiVirus

TR/Rogue.7950782

7.11.148.224

avast!

Win32:Malware-gen

2014.9-140524

Baidu Antivirus

Trojan.MSIL.Confuser

4.0.3.14524

Bitdefender

Trojan.Generic.7950782

1.0.20.720

Bkav FE

W32.Clod23e.Trojan

1.3.0.4959

Comodo Security

UnclassifiedMalware

18248

Emsisoft Anti-Malware

Trojan.Generic.7950782

8.14.05.24.11

ESET NOD32

MSIL/Packed.Confuser (variant)

8.9782

F-Secure

Trojan.Generic.7950782

11.2014-24-05_7

G Data

Trojan.Generic.7950782

14.5.24

IKARUS anti.virus

Win32.Malware

t3scan.1.6.1.0

Malwarebytes

HackTool.Doser.ANM

v2014.05.24.11

McAfee

Artemis!F3DE219B21AB

5600.7120

MicroWorld eScan

Trojan.Generic.7950782

15.0.0.432

Norman

Suspicious_Gen4.AOEAZ

11.20140524

nProtect

Trojan.Generic.7950782

14.05.09.01

Panda Antivirus

Generic Malware

14.05.24.11

Qihoo 360 Security

Win32/Trojan.b7f

1.0.0.1015

SUPERAntiSpyware

Heur.Agent/Gen-HackRelated

10585

VIPRE Antivirus

Trojan.Win32.Generic

29056

File size:

25 KB (25,600 bytes)

Product version:

1.3.0.0

Trademarks:

Anonymous

Original file name:

Anonymous DoSer.exe

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\anonymous doser.exe

File PE Metadata

Compilation timestamp:

5/23/2012 12:08:40 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

384:bQhKAmmXHwK3VOZOeOF0wMhXDAirGxMs0mfRobysbJ8AYdwYtOPx:budtFXeOI6Os0mZomsbJ8AwwYtO5

Entry address:

0x661E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

18 KB (18,432 bytes)

The file Anonymous DoSer.exe has been seen being distributed by the following 5 URLs.

http://dc509.4shared.com/download/.../anonymous_doser.exe

http://dc129.4shared.com/download/.../anonymous_doser.exe

http://dc509.4shared.com/download/.../anonymous_doser.exe

http://dc738.4shared.com/download/.../anonymous_doser.exe

Remove Anonymous DoSer.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.