bpvttlpxh.exe

Book Collector

Bitz and Pixelz BV

The executable bpvttlpxh.exe, “Collectorz.com Book Collector”, has been detected as malware by 29 anti-virus scanners. It runs as a scheduled task under the Windows Task Scheduler, triggered to execute each time a user logs in.
Publisher:
Bitz and Pixelz BV

Product:
Book Collector

Description:
Collectorz.com Book Collector

Version:
9.2.0.5

MD5:
3683bc5d0fc1ce91ad9d0c1f86cfff91

SHA-1:
47c733c6e887763b4c02e02bb3d760798bee0cd1

SHA-256:
647438a6aaf02ee6d3aa621f82fb26ed8e4eb92e401f9430916099f4251cb7cc

Scanner detections:
29 / 68

Status:
Malware

Analysis date:
4/26/2024 10:55:28 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Trojan.GenericKD.1639899 | 1022 |
| AhnLab V3 Security | Trojan/Win32.Ransomlock | 14.04.18 |
| Avira AntiVirus | TR/Crypt.Xpack.39155 | 7.11.144.8 |
| avast! | Win32:Malware-gen | 2014.9-140418 |
| AVG | BackDoor.SmallX | 2015.0.3500 |
| Baidu Antivirus | Trojan.Win32.Neurevt | 4.0.3.14418 |
| Bitdefender | Trojan.GenericKD.1639899 | 1.0.20.540 |
| Dr.Web | Trojan.Winlock.10644 | 9.0.1.0108 |
| Emsisoft Anti-Malware | Trojan.GenericKD.1639899 | 8.14.04.18.04 |
| ESET NOD32 | Win32/Neurevt | 8.9689 |
| Fortinet FortiGate | W32/Agentb.APDQ!tr | 4/18/2014 |
| F-Secure | Trojan.GenericKD.1639899 | 11.2014-18-04_6 |
| G Data | Trojan.GenericKD.1639899 | 14.4.24 |
| IKARUS anti.virus | Trojan.SuspectCRC | t3scan.1.6.1.0 |
| K7 AntiVirus | Trojan | 13.176.11784 |
| Kaspersky | Trojan.Win32.Agentb | 14.0.0.3997 |
| Malwarebytes | Trojan.Agent.ED | v2014.04.18.04 |
| McAfee | Artemis!3683BC5D0FC1 | 5600.7156 |
| MicroWorld eScan | Trojan.GenericKD.1639899 | 15.0.0.324 |
| Norman | Suspicious_Gen5.AOLXN | 11.20140418 |
| nProtect | Trojan.GenericKD.1639899 | 14.04.17.03 |
| Panda Antivirus | Trj/CI.A | 14.04.18.04 |
| Qihoo 360 Security | Trojan.Generic | 1.0.0.1015 |
| Quick Heal | Backdoor.Androm.r4 | 4.14.12.00 |
| Sophos | Troj/Ransom-AHE | 4.98 |
| Trend Micro House Call | TROJ_SPNR.06DF14 | 7.2.108 |
| Trend Micro | TROJ_SPNR.06DF14 | 10.465.18 |
| VIPRE Antivirus | Trojan.Win32.Generic | 28320 |
| ViRobot | Trojan.Win32.S.Agent.333824.D | 2011.4.7.4223 |

File size:
326 KB (333,824 bytes)

Product version:
9.2

Copyright:
Copyright © 2002-2013 by Bitz and Pixelz BV

Trademarks:
Collectorz™, Collectorz.com™

Original file name:
BookCollector.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\ProgramData\creativeaudio\bpvttlpxh.exe

File PE Metadata
Compilation timestamp:
4/12/2014 3:31:12 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:hMDcKrmHhWCpfq6mxWo3MGbx2sMbw4HFcE/GbPHb7:hMDc5ICpfq6mxx3x2ns4lcE/Gj

Entry address:
0xAD12

Entry point:
E8, 3E, 43, 00, 00, E9, 89, FE, FF, FF, B8, 28, B0, 41, 00, C3, A1, 00, F5, 41, 00, 56, 6A, 14, 5E, 85, C0, 75, 07, B8, 00, 02, 00, 00, EB, 06, 3B, C6, 7D, 07, 8B, C6, A3, 00, F5, 41, 00, 6A, 04, 50, E8, EC, 43, 00, 00, 59, 59, A3, FC, E4, 41, 00, 85, C0, 75, 1E, 6A, 04, 56, 89, 35, 00, F5, 41, 00, E8, D3, 43, 00, 00, 59, 59, A3, FC, E4, 41, 00, 85, C0, 75, 05, 6A, 1A, 58, 5E, C3, 33, D2, B9, 28, B0, 41, 00, EB, 05, A1, FC, E4, 41, 00, 89, 0C, 02, 83, C1, 20, 83, C2, 04, 81, F9, A8, B2, 41, 00, 7C, EA, 6A...
 

Code size:
84.5 KB (86,528 bytes)

Scheduled Task
Task name:
Windows Update Check - 0x0E7302EC

Trigger:
Logon (Runs on logon)

