b.boygameforpc.exe

The executable b.boygameforpc.exe has been detected as malware by 17 anti-virus scanners. The program is a setup application that uses the Self-extracting archive installer, however the file is not signed with an authenticode signature from a trusted source. This backdoor trojan may be used to conduct distributed denial of service attacks, or used to install additional trojans or other forms of malicious software as well as can steal your sensitive information. The file has been seen being downloaded from download1757.mediafire.com.
MD5:
c8d3297d618bc500504700da877fed0c

SHA-1:
6ee324d5de396299ef48f101b4a9e9082e022a4f

SHA-256:
9510d533c3054d0a06162a2d7e7ce0c1d8796a55b88440ce6ea3de338c5d610d

Scanner detections:
17 / 68

Status:
Malware

Analysis date:
10/20/2018 4:39:46 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Trojan.GenericKDZ.24293
339

AhnLab V3 Security
Trojan/Win32.FakeAV
2014.05.27

Avira AntiVirus
TR/Dropper.Gen
7.11.151.182

avast!
MSIL:Agent-BKA [Trj]
2014.9-160301

Comodo Security
Backdoor.MSIL.Bladabindi.A
18339

Dr.Web
Trojan.DownLoader10.63222
9.0.1.061

ESET NOD32
MSIL/Bladabindi.BH (variant)
10.9854

F-Secure
Trojan.GenericKDZ.24293
11.2016-01-03_3

IKARUS anti.virus
Gen.Trojan.Ciusky
t3scan.1.6.1.0

Kaspersky
Backdoor.MSIL.Agent
14.0.0.580

Microsoft Security Essentials
Backdoor:MSIL/Bladabindi.AJ
1.10600

MicroWorld eScan
Trojan.GenericKDZ.24293
17.0.0.183

NANO AntiVirus
Trojan.Win32.DownLoader11.cxfbrl
0.28.0.59921

Qihoo 360 Security
Malware.QVM03.Gen
1.0.0.1015

Rising Antivirus
PE:Malware.XPACK-LNR/Heur!1.5594
23.00.65.16228

Sophos
Troj/DotNet-P
4.98

Vba32 AntiVirus
Trojan.MSIL.Disfa
3.12.26.0

File size:
33.3 MB (34,881,018 bytes)

File type:
Executable application (Win32 EXE)

Installer:
Self-extracting archive

Common path:
C:\users\{user}\downloads\b.boygameforpc.exe

File PE Metadata
Compilation timestamp:
12/1/2013 3:08:23 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
786432:pdiGrPwT7uUVgMNDkt5ZPZ1MwK38iYr6WpHYAbpzaLLr7z:Him0tNqt5fKMk1AbMLr7z

Entry address:
0x1D728

Entry point:
E8, F0, 57, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 56, 8D, 45, 08, 50, 8B, F1, E8, 05, FD, FF, FF, C7, 06, E4, 81, 42, 00, 8B, C6, 5E, 5D, C2, 04, 00, C7, 01, E4, 81, 42, 00, E9, BA, FD, FF, FF, 8B, FF, 55, 8B, EC, 56, 8B, F1, C7, 06, E4, 81, 42, 00, E8, A7, FD, FF, FF, F6, 45, 08, 01, 74, 07, 56, E8, D1, C9, FF, FF, 59, 8B, C6, 5E, 5D, C2, 04, 00, 8B, FF, 55, 8B, EC, 56, 57, 8B, 7D, 08, 8B, 47, 04, 85, C0, 74, 47, 8D, 50, 08, 80, 3A, 00, 74, 3F, 8B, 75, 0C, 8B, 4E, 04, 3B, C1, 74, 14, 83, C1, 08...
 
[+]

Code size:
149.5 KB (153,088 bytes)

The file b.boygameforpc.exe has been seen being distributed by the following URL.

Remove b.boygameforpc.exe - Powered by Reason Core Security