bet.exe

The executable bet.exe has been detected as malware by 29 anti-virus scanners.

Publisher:
Pile luck - www.Create.com

Product:
Create

Description:
Military hell

Version:
7.0.0.4

MD5:
44e9fc55069b8caa8186e8db4dd14897

SHA-1:
bcdae2cdd69845cd9ea050ee86f9ce1743208f20

SHA-256:
314a07b25b58386fa1b02061590ad35f05498ac00cf8574fbd79c09823952459

Scanner detections:
29 / 68

Status:
Malware

Analysis date:
4/19/2024 11:51:23 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Trojan.GenericKD.1648690 | 1018 |
| AhnLab V3 Security | Trojan/Win32.Ransomlock | 14.04.23 |
| Avira AntiVirus | TR/Dropper.A.16144 | 7.11.144.190 |
| avast! | Win32:Dropper-gen [Drp] | 2014.9-140423 |
| AVG | ScreenLocker | 2015.0.3496 |
| Bitdefender | Trojan.GenericKD.1648690 | 1.0.20.565 |
| Bkav FE | HW32.CDB | 1.3.0.4959 |
| Dr.Web | Trojan.Betabot.3 | 9.0.1.0113 |
| Emsisoft Anti-Malware | Trojan.GenericKD.1648690 | 8.14.04.23.03 |
| ESET NOD32 | Win32/Neurevt | 8.9708 |
| Fortinet FortiGate | W32/Neurevt.B!tr | 4/23/2014 |
| F-Secure | Trojan.GenericKD.1648690 | 11.2014-23-04_4 |
| G Data | Trojan.GenericKD.1648690 | 14.4.24 |
| IKARUS anti.virus | Trojan.SuspectCRC | t3scan.1.6.1.0 |
| K7 AntiVirus | Trojan | 13.176.11847 |
| Kaspersky | Trojan.Win32.Yakes | 14.0.0.3974 |
| Malwarebytes | Trojan.Agent.ED | v2014.04.23.03 |
| McAfee | Artemis!44E9FC55069B | 5600.7152 |
| Microsoft Security Essentials | Trojan:Win32/Neurevt.AB | 1.10502 |
| MicroWorld eScan | Trojan.GenericKD.1648690 | 15.0.0.339 |
| Norman | Suspicious_Gen4.GFTCK | 11.20140423 |
| nProtect | Trojan.GenericKD.1648690 | 14.04.22.01 |
| Qihoo 360 Security | HEUR/Malware.QVM10.Gen | 1.0.0.1015 |
| Sophos | Mal/Generic-S | 4.98 |
| Total Defense | Win32/Tnega.KfeWERD | 37.0.10893 |
| Trend Micro House Call | TROJ_GEN.F47V0420 | 7.2.113 |
| Vba32 AntiVirus | SScope.Malware-Cryptor.8414 | 3.12.26.0 |
| VIPRE Antivirus | Trojan.Win32.Generic!SB.0 | 28506 |
| ViRobot | Trojan.Win32.Injector.310272 | 2011.4.7.4223 |

File size:
303 KB (310,272 bytes)

Product version:
2.0

Copyright:
Copyright (C) Create 2008-2013

File type:
Executable application (Win32 EXE)

Language:
Arabic (Saudi Arabia)

File PE Metadata

Compilation timestamp:
4/20/2014 1:24:59 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:VX7vvrf4AtsYBz72srV6JO6aJBsNmWoMblWl1wAVyz6Bh/z:VX7vvrhtHBz72myO7HsqMb011BBhr

Entry address:
0xD461

Entry point:
E8, EB, 33, 00, 00, E9, 89, FE, FF, FF, B8, 18, B0, 41, 00, C3, A1, 20, 01, BF, 31, 56, 6A, 14, 5E, 85, C0, 75, 07, B8, 00, 02, 00, 00, EB, 06, 3B, C6, 7D, 07, 8B, C6, A3, 20, 01, BF, 31, 6A, 04, 50, E8, 99, 34, 00, 00, 59, 59, A3, 18, F1, BE, 31, 85, C0, 75, 1E, 6A, 04, 56, 89, 35, 20, 01, BF, 31, E8, 80, 34, 00, 00, 59, 59, A3, 18, F1, BE, 31, 85, C0, 75, 05, 6A, 1A, 58, 5E, C3, 33, D2, B9, 18, B0, 41, 00, EB, 05, A1, 18, F1, BE, 31, 89, 0C, 02, 83, C1, 20, 83, C2, 04, 81, F9, 98, B2, 41, 00, 7C, EA, 6A...
 
Entropy:
7.1181

Code size:
92 KB (94,208 bytes)
