» coffin1.exe
Overview
Analysis
File Details

coffin1.exe

Codem SAW-Crypt Generator

The executable coffin1.exe has been detected as malware by 18 anti-virus scanners.

File name:

coffin1.exe

Publisher:

Codem SAW-Crypt Generator

Product:

Codem SAW-Crypt Generator

Version:

1.0.0.0

MD5:

584821351504d0e091eaeed143067d86

SHA-1:

8a9adc6ec7bd1c0ddea947e3ef5e07966a86d82e

SHA-256:

4ab969d72ec272d8c2ba6cb96c9bfa9c30cb397ee534ee771c8c753e29320a38

Scanner detections:

18 / 68

Status:

Malware

Analysis date:

4/16/2024 2:45:15 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.GenericKD.1767620

924

Avira AntiVirus

TR/Rogue.11534671

7.11.163.246

avast!

Win32:Malware-gen

140617-1

AVG

Found Luhe.Fiha.AP

2014.0.3986

Bitdefender

Trojan.GenericKD.1767620

1.0.20.1030

Comodo Security

UnclassifiedMalware

18969

Emsisoft Anti-Malware

Trojan.GenericKD.1767620

8.14.07.25.01

ESET NOD32

MSIL/Injector.BOX trojan

7.0.302.0

F-Secure

Trojan.GenericKD.1767620

11.2014-25-07_6

G Data

Trojan.GenericKD.1767620

14.7.24

IKARUS anti.virus

Backdoor.Win32.Bifrose

t3scan.1.6.1.0

K7 AntiVirus

Trojan

13.181.12846

Kaspersky

Backdoor.Win32.Bifrose

15.0.0.494

MicroWorld eScan

Trojan.GenericKD.1767620

15.0.0.618

nProtect

Trojan.GenericKD.1767620

14.07.25.01

Panda Antivirus

Bck/Bifrost.gen

14.07.25.01

Vba32 AntiVirus

Trojan.Refroso

3.12.26.3

VIPRE Antivirus

Threat.4657539

31208

File size:

753.9 KB (771,997 bytes)

Product version:

1.0.0.0

Codem SAW-Crypt Generator

Original file name:

Crypt1.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\Windows\System32\coffin1.exe

File PE Metadata

Compilation timestamp:

7/8/2014 11:32:49 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

6144:xhExHNziUFIQZWDEFUu7E+0/2/JZo6dh32QZ4pb7AT53E4kZUI:EDzqu7Oa2QZ4lAT50UI

Entry address:

0xBCE4E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

5.8245

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

748 KB (765,952 bytes)

Remove coffin1.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.