atieclexxx.exe

Job based overheat systems (INC)

Gon pack (C) Unlimited

The executable atieclexxx.exe, “Gas production (C)”, has been detected as malware by 25 anti-virus scanners.
Publisher:
Gon pack (C) Unlimited

Product:
Job based overheat systems (INC)

Description:
Gas production (C)

Version:
1.2.2.77246

MD5:
581d2b75da5b8552a63538ae972aa546

SHA-1:
1547da88190d3d2152d3118acd9c0e3639e43352

SHA-256:
abf7d6cbce1a943004b398bc011485e5251d007ee8e7d7733753af4a720693a0

Scanner detections:
25 / 68

Status:
Malware

Analysis date:
4/23/2024 9:15:07 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Trojan.GenericKD.1643297 | 1018 |
| Agnitum Outpost | FraudTool.Windef | 7.1.1 |
| Avira AntiVirus | TR/Rogue.516096 | 7.11.144.160 |
| avast! | Win32:Malware-gen | 2014.9-140423 |
| AVG | Worm/Pakes | 2015.0.3496 |
| Baidu Antivirus | Worm.Win32.Ainslot | 4.0.3.14423 |
| Bitdefender | Trojan.GenericKD.1643297 | 1.0.20.565 |
| Emsisoft Anti-Malware | Trojan.GenericKD.1643297 | 8.14.04.23.03 |
| ESET NOD32 | Win32/Ainslot.AA | 8.9704 |
| Fortinet FortiGate | W32/Windef.AA!tr | 4/23/2014 |
| F-Secure | Trojan.GenericKD.1643297 | 11.2014-23-04_4 |
| G Data | Trojan.GenericKD.1643297 | 14.4.24 |
| IKARUS anti.virus | Trojan.SuspectCRC | t3scan.1.6.1.0 |
| K7 AntiVirus | Trojan | 13.176.11833 |
| Kaspersky | Trojan-FakeAV.Win32.Windef | 14.0.0.3974 |
| Malwarebytes | Backdoor.Bot | v2014.04.23.03 |
| McAfee | Artemis!581D2B75DA5B | 5600.7152 |
| MicroWorld eScan | Trojan.GenericKD.1643297 | 15.0.0.339 |
| Norman | Troj_Generic.TOAHF | 11.20140423 |
| nProtect | Trojan.GenericKD.1643297 | 14.04.21.01 |
| Panda Antivirus | Trj/CI.A | 14.04.23.03 |
| Qihoo 360 Security | Win32/Trojan.244 | 1.0.0.1015 |
| Sophos | Mal/Generic-S | 4.98 |
| Trend Micro House Call | TROJ_GEN.R0CBB01DL14 | 7.2.113 |
| VIPRE Antivirus | Trojan.Win32.Generic | 28468 |

File size:
504 KB (516,096 bytes)

Product version:
2.4.4.45178

Copyright:
©2009, 2015, 2011, 2012, 2013 Sony Corporation

Original file name:
overheatsystems.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

File PE Metadata
Compilation timestamp:
4/10/2014 5:16:30 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:NXB9EFiKMyEqp1XOL9m3zYX0vYw65pC+HDAmtkDBzXD7mqc1Zp6W3L8RcQ9p:Ww1VGDgAYT5pCanyJXD5sZp4r

Entry address:
0x5756E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Entropy:
7.2016

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
341.5 KB (349,696 bytes)
