» authenticator.exe
Overview
Analysis
File Details
Downloads (1)

authenticator.exe

Latium Authenticator

Latium

The executable authenticator.exe, “Latium Authenticator(Executive Created by Jar2Exe v2.0, jar2exe.com)” has been detected as malware by 20 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from www.latium.cc.

File name:

authenticator.exe

Publisher:

Latium

Product:

Latium Authenticator

Description:

Latium Authenticator(Executive Created by Jar2Exe v2.0, jar2exe.com)

Version:

1.0.0.0

MD5:

3c5430a62036722e4eca6589146fcec5

SHA-1:

95c4c9db503f4e2dab20ed7dfb65122e56fda708

SHA-256:

a2c546d87a94f169701e779e3321e6c26f5baf7427249e9fcf456d1632eb3ba7

Scanner detections:

20 / 68

Status:

Malware

Analysis date:

6/16/2024 8:22:22 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Strictor.63810

817

Agnitum Outpost

Backdoor.SpyBot

7.1.1

Avira AntiVirus

BDS/SpyBot.2947298

7.11.193.190

avast!

Win32:Malware-gen

2014.9-141109

Bitdefender

Gen:Variant.Strictor.63810

1.0.20.1565

Comodo Security

UnclassifiedMalware

20312

Dr.Web

Java.Jacksbot.22

9.0.1.0313

Emsisoft Anti-Malware

Gen:Variant.Strictor.63810

8.14.11.09.07

F-Secure

Gen:Variant.Strictor.63810

11.2014-09-11_1

G Data

Gen:Variant.Strictor.63810

14.11.24

McAfee

Artemis!3C5430A62036

5600.6951

MicroWorld eScan

Gen:Variant.Strictor.63810

15.0.0.939

Norman

Bot.NRI

11.20141215

nProtect

Backdoor.Bot.78950

14.12.09.01

Qihoo 360 Security

Win32/Trojan.2a7

1.0.0.1015

Reason Heuristics

Threat.Win.Reputation.IMP

14.12.15.13

Trend Micro House Call

TROJ_GEN.R0C1C0EL814

7.2.349

Trend Micro

TROJ_GEN.R0C1C0EL814

10.465.15

VIPRE Antivirus

Trojan.Win32.Generic

35572

ViRobot

Trojan.Win32.S.Agent.2947298

2011.4.7.4223

File size:

5.6 MB (5,904,357 bytes)

Product version:

1.0.0.0

Trademarks:

Trade marks

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\authenticator.exe

File PE Metadata

Compilation timestamp:

7/26/2014 10:43:18 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

98304:jJrwrioy+9uYrNDdBjrATdohxLxlsOv93VPCzf5leE3adQFZfsl:jJwrDWYrNZhthxX3VQSE3adQPsl

Entry address:

0x16A2B

Entry point:

55, 8B, EC, 6A, FF, 68, 50, 75, 43, 00, 68, BC, AC, 41, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 10, 53, 56, 57, 89, 65, E8, FF, 15, BC, 70, 43, 00, 33, D2, 8A, D4, 89, 15, 18, 4D, 44, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, 14, 4D, 44, 00, C1, E1, 08, 03, CA, 89, 0D, 10, 4D, 44, 00, C1, E8, 10, A3, 0C, 4D, 44, 00, 6A, 01, E8, CC, 41, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, AB, 00, 00, 00, 59, E8, D7, 3E, 00, 00, 85, C0, 75, 08, 6A, 10, E8, 9A, 00, 00, 00, 59, 83, 65, FC, 00... 
[+]

Developed / compiled with:

Microsoft Visual C++ v6.0

Code size:

216 KB (221,184 bytes)

The file authenticator.exe has been seen being distributed by the following URL.

http://www.latium.cc/Authenticator.exe

Remove authenticator.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.