Antimixi textus.exe

Paraphra accersit

TechSmith eeeeeeeeeeeeeeeeeeeeeeeeee

The executable Antimixi textus.exe has been detected as malware by 35 anti-virus scanners. It is a setup program used to install the application. The file has been seen being downloaded from www.powakaddygolf.com.

Publisher:
TechSmith eeeeeeeeeeeeeeeeeeeeeeeeee

Product:
Paraphra accersit

Description:
Interces

Version:
1.06.0002

MD5:
5bd683057f12c5f51474dda7bde25bb1

SHA-1:
3cde87bb9b6d9ac2b2e6ce35cf4c5086cc50e393

SHA-256:
1aeb10a9945f1ec15b4ea19fa5130465eca1310d9de01bd8be8e23a292888359

Scanner detections:
35 / 68

Status:
Malware

Analysis date:
4/16/2024 6:35:37 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Trojan.GenericKD.1059493 | 1151 |
| Agnitum Outpost | Worm.SdBot | 7.1.1 |
| AhnLab V3 Security | Trojan/Win32.Jorik | 2013.12.04 |
| Avira AntiVirus | TR/Dropper.Gen7 | 7.11.117.156 |
| avast! | Win32:VBCrypt-CML [Trj] | 2014.9-130824 |
| AVG | VB2 | 2014.0.3539 |
| Baidu Antivirus | Backdoor.Win32.SdBot | 4.0.3.131126 |
| Bitdefender | Trojan.GenericKD.1059493 | 1.0.20.1180 |
| Bkav FE | W32.FaragonQ.Trojan | 1.3.0.4562 |
| Comodo Security | UnclassifiedMalware | 17379 |
| Dr.Web | Trojan.DownLoader5.7684 | 9.0.1.0236 |
| Emsisoft Anti-Malware | Trojan.GenericKD.1059493 | 8.13.08.24.02 |
| ESET NOD32 | Win32/Injector.AIUF (variant) | 7.9126 |
| Fortinet FortiGate | W32/IRCBot.NIH!tr | 8/24/2013 |
| F-Secure | Trojan.GenericKD.1059493 | 11.2013-11-12_4 |
| G Data | Trojan.GenericKD.1059493 | 13.8.22 |
| IKARUS anti.virus | Virus.Win32.VBInject | t3scan.2.2.29 |
| K7 AntiVirus | Riskware | 13.174.10396 |
| Kaspersky | Backdoor.Win32.SdBot | 14.0.0.3773 |
| Malwarebytes | Trojan.VBKrypt | v2013.08.24.02 |
| McAfee | RDN/Sdbot.worm!bi | 5600.7177 |
| Microsoft Security Essentials | Trojan:Win32/Ircbrute | 1.163.1557.0 |
| MicroWorld eScan | Trojan.GenericKD.1059493 | 14.0.0.1035 |
| NANO AntiVirus | Trojan.Win32.Jorik.bvqpim | 0.28.0.56582 |
| Norman | Troj_Generic.MISCO | 11.20130824 |
| Panda Antivirus | Generic Malware | 13.08.24.02 |
| Quick Heal | Trojan.Ircbrute | 8.13.12.00 |
| Rising Antivirus | PE:Trojan.VBInject!1.6546 | 23.00.65.131209 |
| Sophos | Mal/Generic-S | 4.95 |
| SUPERAntiSpyware | Trojan.Agent/Gen-FalComp | 10698 |
| Total Defense | Win32/IrcBNot.TbDaVfC | 37.0.10498 |
| Trend Micro House Call | TROJ_GEN.R02KB01IQ13 | 7.2.236 |
| Trend Micro | TROJ_SPNR.15GB13 | 10.465.24 |
| Vba32 AntiVirus | TScope.Trojan.VB | 3.12.24.3 |
| VIPRE Antivirus | Trojan.Win32.Ircbrute | 22996 |

File size:
772 KB (790,528 bytes)

Product version:
1.06.0002

Copyright:
Rander whispera glusid 1998-2009

Original file name:
Antimixi textus.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\antimixi textus.exe

File PE Metadata
Compilation timestamp:
6/21/2013 3:23:21 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:zC6XomB2Hv8f0Ka3GcJGdHkIYRGNfe3cJljJPGj5XcNOJ9dCXo/8WjH+dnUFkIgJ:zC6XC3GcJGdHyRGVe3UduCjWidUd

Entry address:
0x1508

Entry point:
68, 90, 16, 40, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 9F, 89, 4F, 9C, 41, 31, 92, 47, B9, C3, DD, A3, 9A, C7, F0, 52, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 61, 6E, 74, 69, 63, 6F, 6D, 6D, 75, 6E, 69, 73, 74, 69, 63, 00, 00, 00, 00, 00, 01, 00, 08, 00, 3C, 2F, 40, 00, 00, 00, 00, 00, FF, FF, FF, FF, FF, FF, FF, FF, 00, 00, 00, 00, 10, 31, 40, 00, A8, 20, 41, 00, 00, 00, 00, 00, 68, B2, 2F, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Entropy:
7.6898

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
68 KB (69,632 bytes)

The file Antimixi textus.exe has been seen being distributed by the following URL.
