» Beepa Fraps 2.9.7 Build 7771 (Registered Version).exe
Overview
Analysis
File Details

Beepa Fraps 2.9.7 Build 7771 (Registered Version).exe

Beepa Pty Ltd

The executable Beepa Fraps 2.9.7 Build 7771 (Registered Version).exe has been detected as malware by 21 anti-virus scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer.

File name:

Publisher:

Beepa Pty Ltd (signed and verified)

MD5:

5fa09b267ff5f7ceea0ce305ebe1d2f4

SHA-1:

517e42c0b577a103dbcf61be1312af98fd762551

Scanner detections:

21 / 68

Status:

Malware

Analysis date:

4/26/2024 5:43:16 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.Generic.5942160

945

Agnitum Outpost

Trojan.Agent

7.1.1

Avira AntiVirus

BDS/Small.IAQ

7.11.145.40

Baidu Antivirus

Trojan.Win32.Agent

4.0.3.1474

Bitdefender

Trojan.Generic.5942160

1.0.20.925

Bkav FE

W32.Clodcb6.Trojan

1.3.0.4959

F-Prot

W32/MalwareF.BQGB

v6.4.7.1.166

G Data

Trojan.Generic.5942160

14.7.24

IKARUS anti.virus

Trojan.Win32.Agent

t3scan.1.6.1.0

McAfee

Artemis!5FA09B267FF5

5600.7079

MicroWorld eScan

Trojan.Generic.5942160

15.0.0.555

NANO AntiVirus

Trojan.Win32.Agent.damoo

0.28.0.59492

Norman

Suspicious_Gen2.TCTZK

11.20140704

nProtect

Trojan/W32.Agent.2682976

14.04.24.02

Panda Antivirus

Trj/CI.A

14.07.04.03

Quick Heal

Backdoor.Small.huq.n5

7.14.12.00

Trend Micro House Call

TROJ_SPNR.08I012

7.2.185

Trend Micro

TROJ_SPNR.08I012

10.465.04

Vba32 AntiVirus

Trojan.Agent

3.12.26.0

VIPRE Antivirus

Trojan.Win32.Generic

28570

ViRobot

Trojan.Win32.S.Agent.2682976

2011.4.7.4223

File size:

2.6 MB (2,682,976 bytes)

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Digital Signature

Signed by:

Beepa Pty Ltd

Authority:

VeriSign, Inc.

Valid from:

8/7/2006 3:00:00 AM

Valid to:

8/31/2009 2:59:59 AM

Subject:

CN=Beepa Pty Ltd, OU=Development, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Beepa Pty Ltd, L=Melbourne, S=Victoria, C=AU

Issuer:

CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

0D2FAB944320EF72BF20B8432E7E3F30

File PE Metadata

Compilation timestamp:

8/16/2008 11:26:20 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

49152:SS1sBQTdbb56zKsoAsW12TbYiEr8B815LmZ5YErKD18jhvwe5ICsTcqC8:SVQTdbbI2TrA1sZ5YEbhvwe5IUqC8

Entry address:

0x30E3

Entry point:

81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 58, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, EC, 42, 00, E8, 23, 2B, 00, 00, A3, 64, EB, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 90, 8F, 42, 00, FF, 15, 58, 71, 40, 00, 68, 4C, 91, 40, 00, 68, 60, E3, 42, 00, E8, DA, 27, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, C8, 27, 00, 00... 
[+]

Packer / compiler:

Nullsoft install system v2.x

Code size:

23 KB (23,552 bytes)

Remove Beepa Fraps 2.9.7 Build 7771 (Registered Version).exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.