conquercodes.exe

The executable conquercodes.exe has been detected as malware by 31 anti-virus scanners. This backdoor trojan may be used to conduct distributed denial-of-service attacks, to install additional trojans or other malicious software, and to steal sensitive information.
MD5:
ed2ddf9389f84b8632163cd95ee536e5

SHA-1:
33345c82750d037fe2829bb9a6aea15a1e51c989

SHA-256:
2502e1c7bcc2b8ef79f2f7c1d8306e332357b0598906af4c8f411bbfcae71b40

Scanner detections:
31 / 68

Status:
Malware

Analysis date:
4/26/2024 9:38:26 PM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Gen:Variant.Kazy.254666 | 5650986
AhnLab V3 Security | Trojan/Win32.ADH | 2015.04.21
avast! | MSIL:GenMalicious-V [Trj] | 150414-0
AVG | Win.Threat.High | 2014.0.4311
Bitdefender | Gen:Variant.Kazy.254666 | 1.0.20.555
Clam AntiVirus | Win.Backdoor.Bladabindi-1 | 0.98/20353
Comodo Security | TrojWare.MSIL.Bladabindi.KX | 21843
Dr.Web | Trojan.DownLoader10.45391 | 9.0.1.05190
Emsisoft Anti-Malware | Gen:Variant.Kazy.254666 | 9.0.0.4799
ESET NOD32 | MSIL/Bladabindi.F trojan | 7.0.302.0
Fortinet FortiGate | MSIL/Agent.PPV!tr | 4/21/2015
F-Prot | W32/MSIL_Bladabindi.J.gen | v6.4.7.1.166
F-Secure | Gen:Variant.Kazy.254666 | 5.13.68
G Data | Gen:Variant.Kazy.254666 | 15.4.25
IKARUS anti.virus | Trojan.MSIL.Bladabindi | t3scan.1.8.9.0
K7 AntiVirus | Trojan | 13.202.15655
Kaspersky | HEUR:Trojan.Win32.Generic | 14.0.0.2158
Malwarebytes | Trojan.MSIL | v2015.04.21.08
McAfee | Trojan.BackDoor-NJRat!ED2DDF9389F8 | 16.8.708.2
Microsoft Security Essentials | Backdoor:MSIL/Bladabindi.AJ | 1.1.11602.0
MicroWorld eScan | Gen:Variant.Kazy.254666 | 16.0.0.333
NANO AntiVirus | Trojan.Win32.DownLoader10.dbxzfj | 0.30.20.1219
Norman | Gen:Variant.Kazy.254666 | 03.12.2014 13:20:04
Quick Heal | Backdoor.Bladabindi.AL3 | 4.15.14.00
Rising Antivirus | PE:Backdoor.Bot!1.6675 | 23.00.65.15419
Sophos | Mal/Bbindi-C | 4.98
SUPERAntiSpyware | Trojan.Agent/Gen-Barys | 9922
Trend Micro House Call | BKDR_BLADABI.SMC | 7.2.111
Trend Micro | BKDR_BLADABI.SMC | 10.465.21
Vba32 AntiVirus | TrojanSpy.MSIL.KeyLogger | 3.12.26.3
VIPRE Antivirus | Threat.4792715 | 39354

File size:
235 KB (240,640 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\conquercodes.exe

File PE Metadata
Compilation timestamp:
4/18/2015 12:13:01 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:nSsLA29nH4MCc8sjc2C9FUJyhnf66UTX8zu/l8u2QZjVViURLl7WdR01:r9Y5EG7f28zs3ZniCLlW

Entry address:
0x8B0E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...

Entropy:
7.4454

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
27 KB (27,648 bytes)
