carta_diciendote_todo_lo_que_no_me_atrevo_en_persona_pffff_.exe

BFFDLURONKÑFPMVL

Private LDK

The executable carta_diciendote_todo_lo_que_no_me_atrevo_en_persona_pffff_.exe has been detected as malware by 30 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from www.weebly.com.
Publisher:
Private LDK

Product:
BFFDLURONKÑFPMVL

Version:
1.00

MD5:
9d940651565fbb810d6779b8125fd328

SHA-1:
4064ca37ac77af8c2763d2ccc2d73475de262145

Scanner detections:
30 / 68

Status:
Malware

Analysis date:
4/25/2024 11:03:13 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Trojan.GenericKD.1621814 | 274 |
| Agnitum Outpost | Backdoor.DarkKomet | 7.1.1 |
| Avira AntiVirus | BDS/DarkKomet.ckbq.1 | 7.11.151.154 |
| avast! | Win32:Malware-gen | 2014.9-160506 |
| AVG | Inject2 | 2017.0.2752 |
| Baidu Antivirus | Backdoor.Win32.DarkKomet | 4.0.3.1656 |
| Bitdefender | Trojan.GenericKD.1621814 | 1.0.20.635 |
| Emsisoft Anti-Malware | Trojan.GenericKD.1621814 | 8.16.05.06.09 |
| ESET NOD32 | Win32/Injector.BARS (variant) | 10.9851 |
| Fortinet FortiGate | W32/AutoRun.DVXZ!worm | 5/6/2016 |
| F-Secure | Trojan.GenericKD.1621814 | 11.2016-06-05_6 |
| G Data | Trojan.GenericKD.1621814 | 16.5.24 |
| IKARUS anti.virus | Trojan.Inject2 | t3scan.1.6.1.0 |
| K7 AntiVirus | Riskware | 13.178.12203 |
| Kaspersky | Backdoor.Win32.DarkKomet | 14.0.0.253 |
| Malwarebytes | Backdoor.DarkKomet.VB | v2016.05.06.09 |
| McAfee | GenericATG-FSP!9D940651565F | 5600.6408 |
| Microsoft Security Essentials | VirTool:Win32/VBInject.gen!IY | 1.10600 |
| MicroWorld eScan | Trojan.GenericKD.1621814 | 17.0.0.381 |
| NANO AntiVirus | Trojan.Win32.DarkKomet.cwlgvj | 0.28.0.59921 |
| Norman | Troj_Generic.TJVVS | 11.20160506 |
| nProtect | Trojan.GenericKD.1621814 | 14.05.26.01 |
| Panda Antivirus | Generic Malware | 16.05.06.09 |
| Qihoo 360 Security | Win32/Trojan.7f6 | 1.0.0.1015 |
| Quick Heal | Trojan.VB.r3 | 5.16.14.00 |
| Sophos | Mal/Generic-S | 4.98 |
| Trend Micro House Call | TROJ_GEN.R0CBC0UD914 | 7.2.127 |
| Trend Micro | TROJ_GEN.R0CBC0UD914 | 10.465.06 |
| Vba32 AntiVirus | Backdoor.DarkKomet | 3.12.26.0 |
| VIPRE Antivirus | Trojan.Win32.Generic | 29624 |

File size:
497.6 KB (509,497 bytes)

Product version:
1.00

Original file name:
38.exe

File type:
Executable application (Win32 EXE)

Language:
Spanish

Common path:
C:\Documents and Settings\{user}\My documents\downloads\carta_diciendote_todo_lo_que_no_me_atrevo_en_persona_pffff_.exe

File PE Metadata
Compilation timestamp:
3/25/2014 3:40:07 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:WRJ78fZd5an6Op7nj2f85SPnomoUs4Sz1hFXAnbaX1l3/LTfOHbQ+m2:Wv8niDj20kno6kz1DwnQljbacF2

Entry address:
0x2140

Entry point:
68, 0C, 2D, 40, 00, E8, EE, FF, FF, FF, 00, 00, 48, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 31, F5, A7, 2D, EB, 8C, 90, 4A, BD, 42, 4E, AB, B8, 71, 44, 0B, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 20, 20, 20, 20, 20, 20, 53, 4B, 47, 41, 5A, 4E, 57, 4A, 00, 54, 72, 75, 65, 0D, 0A, 20, 00, 20, 43, 6C, 69, 65, 6E, 74, C0, 00, 00, 00, 90, 00, 00, 00, 00, 00, 00, 00, 02, 00, 00, 00, 07, 00, 00, 00, 50, CC, 6B, 66, AE, D1, 9F, 49, A5, 1C, F5, 83, E2, 55, 5D, D6, 01, 00, 00, 00, A0, 00, 00, 00...
 

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
212 KB (217,088 bytes)

The file carta_diciendote_todo_lo_que_no_me_atrevo_en_persona_pffff_.exe has been seen being distributed by the following URL.