cdma_workshop_full_cracked.exe

The executable cdma_workshop_full_cracked.exe has been detected as malware by 18 anti-virus scanners.
MD5:
5b9dea1177a0c59f0b46d654e29a80f4

SHA-1:
27e32fdc2144c2a9df25206dd02c097aef3ee54b

SHA-256:
01f3ca3851d7586dfec3d3e02d1387af1f9acb9b299e38559f9b1dfec3810266

Scanner detections:
18 / 68

Status:
Malware

Analysis date:
4/25/2024 8:51:56 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Agnitum Outpost | Trojan.Orsam | 7.1.1 |
| AhnLab V3 Security | Win-Trojan/Xema.variant | 2015.08.19 |
| Avira AntiVirus | TR/Spy.4485632 | 7.11.30.172 |
| AVG | Generic26 | 2016.0.3013 |
| Bkav FE | HW32.CDB | 1.3.0.4959 |
| Fortinet FortiGate | W32/Packed.2D18!tr | 8/18/2015 |
| F-Prot | W32/Themida_Packed | v6.4.7.1.166 |
| K7 AntiVirus | Trojan | 13.176.11378 |
| McAfee | Generic.dx | 5600.6669 |
| NANO AntiVirus | Trojan.Win32.4485632.dlopu | 0.28.0.58101 |
| Norman | Suspicious.D2!genr | 11.20151004 |
| nProtect | Trojan/W32.Agent.4485632 | 14.03.09.01 |
| Sophos | Mal/Generic-S | 4.98 |
| Trend Micro House Call | CRCK_PATCH | 7.2.277 |
| Vba32 AntiVirus | Backdoor.Rbot | 3.12.26.4 |
| VIPRE Antivirus | Threat.4150696 | 41424 |
| ViRobot | Backdoor.Win32.A.Rbot.2258809[h] | 2014.3.20.0 |
| Zillya! Antivirus | Backdoor.RBot.Win32.23974 | 2.0.0.2358 |

File size:
4.3 MB (4,485,632 bytes)

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
6/20/1992 1:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:4/GpdQ7ECtEWFeMuOl5/3HQsIs7p0DI0Zx+mAbe7Xg1M4mw+:gGp0FjuGB3wHi0DVv+fWXg1M4/+

Entry address:
0xD6014

Entry point:
B8, 00, 00, 00, 00, 60, 0B, C0, 74, 68, E8, 00, 00, 00, 00, 58, 05, 53, 00, 00, 00, 80, 38, E9, 75, 13, 61, EB, 45, DB, 2D, 37, 60, 4D, 00, FF, FF, FF, FF, FF, FF, FF, FF, 3D, 40, E8, 00, 00, 00, 00, 58, 25, 00, F0, FF, FF, 33, FF, 66, BB, 19, 5A, 66, 83, C3, 34, 66, 39, 18, 75, 12, 0F, B7, 50, 3C, 03, D0, BB, E9, 44, 00, 00, 83, C3, 67, 39, 1A, 74, 07, 2D, 00, 10, 00, 00, EB, DA, 8B, F8, B8, 90, EF, 4B, 00, 03, C7, B9, 6A, 62, 0D, 00, 03, CF, EB, 0A, B8, 90, EF, 8B, 00, B9, 6A, 62, 4D, 00, 50, 51, E8, 84...

Entropy:
7.9054

Packer / compiler:
Themida 1.8.x.x

Code size:
673.5 KB (689,664 bytes)
