home

applicationf0rm.exe

MD5:
7d8460e8e70ab5c221f2d042f80e0b8a

SHA-1:
68b3c7f6b28ebcb1a2a365b00225ae2172433a57

SHA-256:
1115cb26c117095d2998b600953778a51f4ea090c5902e93191331bdf8ffc6f1

Scanner detections:
2 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/23/2024 5:49:33 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
TR/ATRAPS.Gen5
7.11.30.172

Dr.Web
BackDoor.Blackshades.17
9.0.1.05190

File size:
2.3 MB (2,362,880 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\roaming\microsoft\windows\start menu\programs\startup\applicationf0rm.exe

File PE Metadata
Compilation timestamp:
12/28/2013 6:27:16 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
1536:H8q9kAzk5c9Yxd/p0gz13ZlKjKQ8qYL0k6g5vKx6s:H5k+kyoRzRzKjVix6yv6

Entry address:
0x2325EE

Entropy:
0.3912

Code size:
2.2 MB (2,295,296 bytes)

User Start Menu Item
Name:
APPLICATIONF0RM.exe


Scan applicationf0rm.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.