» cachedump.exe
Overview
Analysis
File Details

cachedump.exe

The application cachedump.exe has been detected as a potentially unwanted program by 24 anti-malware scanners.

File name:

cachedump.exe

MD5:

9de5b79050879af333d8a0ec555d6b57

SHA-1:

645ef72ca81627c351b5e8f9652b7a3399ac815f

SHA-256:

cf58ca5bf8c4f87bb67e6a4e1fb9e8bada50157dacbd08a92a4a779e40d569c4

Scanner detections:

24 / 68

Status:

Potentially unwanted

Analysis date:

5/14/2024 4:37:14 PM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

Trojan.CacheDump

7.1.1

Avira AntiVirus

SPR/PSW.CacheDump.H

7.11.151.204

AVG

Tool

2015.0.3404

Baidu Antivirus

HackTool.Win32.CacheDump

4.0.3.14723

Bkav FE

W32.Clod098.Trojan

1.3.0.4959

Clam AntiVirus

Win.Trojan.Cachedump-2

0.98/213

Comodo Security

UnclassifiedMalware

18347

Dr.Web

Tool.Pwdump.79

9.0.1.0204

ESET NOD32

Win32/CacheDump

8.9857

F-Prot

W32/Trojan2.MHUJ

v6.4.7.1.166

IKARUS anti.virus

HackTool.Win32.Fgdump

t3scan.1.6.1.0

K7 AntiVirus

Hacktool

13.178.12212

Kaspersky

not-a-virus:PSWTool.Win32.CacheDump

14.0.0.3517

Malwarebytes

PUP.PasswordDump

v2014.07.23.04

McAfee

PWCrack-Pwdump

5600.7060

Microsoft Security Essentials

HackTool:Win32/Fgdump

1.10600

NANO AntiVirus

Riskware.Win32.CacheDump.bcsye

0.28.0.59921

Norman

Suspicious_Gen2.PHDPW

11.20140723

Panda Antivirus

Application/Pwdump.J

14.07.23.04

Rising Antivirus

PE:Trojan.Win32.Generic.123E9E4D!306093645

23.00.65.14721

Trend Micro House Call

HKTL_PWDUMP

7.2.204

Trend Micro

HKTL_PWDUMP

10.465.23

VIPRE Antivirus

Trojan.Win32.Generic

29676

Zillya! Antivirus

Tool.CacheDump.Win32.24

2.0.0.1803

File size:

124 KB (126,976 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Documents and Settings\{user}\Local settings\temp\cachedump.exe

File PE Metadata

Compilation timestamp:

4/4/2008 3:10:07 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

8.0

CTPH (ssdeep):

3072:C4HNw571LQrs4ZH0hioqKLivy8QXXBJ2Onkt5:7ukrs2Uhij3suF

Entry address:

0x4437

Entry point:

E8, DD, 65, 00, 00, E9, 40, FE, FF, FF, B8, 68, D0, 41, 00, C3, A1, 60, 9D, 42, 00, 85, C0, 56, 6A, 14, 5E, 75, 07, B8, 00, 02, 00, 00, EB, 06, 3B, C6, 7D, 07, 8B, C6, A3, 60, 9D, 42, 00, 6A, 04, 50, E8, B0, 66, 00, 00, 85, C0, 59, 59, A3, 48, 8D, 42, 00, 75, 1E, 6A, 04, 56, 89, 35, 60, 9D, 42, 00, E8, 97, 66, 00, 00, 85, C0, 59, 59, A3, 48, 8D, 42, 00, 75, 05, 6A, 1A, 58, 5E, C3, 33, D2, B9, 68, D0, 41, 00, EB, 05, A1, 48, 8D, 42, 00, 89, 0C, 02, 83, C1, 20, 83, C2, 04, 81, F9, E8, D2, 41, 00, 7C, EA, 6A... 
[+]

Entropy:

6.4229

Code size:

96 KB (98,304 bytes)

Remove cachedump.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.