console id stealer and generator v2.exe

ConsoleID

The executable console id stealer and generator v2.exe has been detected as malware by 26 anti-virus scanners. The file has been seen being downloaded from download652.mediafire.com and multiple other hosts.
Product: ConsoleID
Version: 1.0.0.0
MD5: 801002fb249052020171cdbae4b4849d
SHA-1: da8eb75bef5add2cbda4972a500db9b728dacbe8
SHA-256: ac532b48f689599acc41d9ddb61c3d1c4e91b49842b9c6902b2c4dc956b6128b
Scanner detections: 26 / 68
Status: Malware
Analysis date: 5/16/2024 8:44:41 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Trojan.Generic.14848376 | 430 |
| Agnitum Outpost | Trojan.PWS.Agent | 7.1.1 |
| Avira AntiVirus | TR/Spy.Gen | 8.3.2.4 |
| Arcabit | Trojan.Generic.DE29178 | 1.0.0.624 |
| avast! | Win32:Malware-gen | 2014.9-151202 |
| AVG | PSW.MSIL | 2016.0.2908 |
| Baidu Antivirus | Trojan.MSIL.Agent | 4.0.3.15122 |
| Bitdefender | Trojan.Generic.14848376 | 1.0.20.1680 |
| Comodo Security | UnclassifiedMalware | 23659 |
| Emsisoft Anti-Malware | Trojan.Generic.14848376 | 8.15.12.02.08 |
| ESET NOD32 | MSIL/PSW.Agent.PIZ | 9.12626 |
| Fortinet FortiGate | MSIL/Agent.OFU!tr | 12/2/2015 |
| F-Secure | Trojan.Generic.14848376 | 11.2015-02-12_4 |
| G Data | Trojan.Generic.14848376 | 15.12.25 |
| IKARUS anti.virus | Trojan.MSIL.PSW | t3scan.1.9.5.0 |
| K7 AntiVirus | Password-Stealer | 13.212.17974 |
| Kaspersky | UDS:DangerousObject.Multi.Generic | 14.0.0.1033 |
| McAfee | RDN/Generic PWS.y | 5600.6564 |
| MicroWorld eScan | Trojan.Generic.14848376 | 16.0.0.1008 |
| NANO AntiVirus | Trojan.Win32.Agent.dufyax | 0.30.26.4751 |
| nProtect | Trojan.Generic.14848376 | 15.11.26.01 |
| Panda Antivirus | Trj/Sharik.B | 15.12.02.08 |
| Qihoo 360 Security | HEUR/QVM03.0.Malware.Gen | 1.0.0.1077 |
| Sophos | Mal/Generic-S | 4.98 |
| Trend Micro | TROJ_GEN.R03EC0VHT15 | 10.465.02 |
| VIPRE Antivirus | Trojan.Win32.Generic | 45436 |

File size: 499 KB (510,976 bytes)
Product version: 1.0.0.0
Copyright: Copyright © 2015
Original file name: ConsoleID.exe
File type: Executable application (Win32 EXE)
Language: Language Neutral
Common path: C:\users\{user}\downloads\console id stealer and generator v2.exe

File PE Metadata
Compilation timestamp: 7/9/2015 8:22:41 AM
OS version: 4.0
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 11.0
.NET CLR dependent: Yes
CTPH (ssdeep): 6144:qBLwxuo5+o5E/Jm+iqIIKu22xYO1F9Rrd0guyLSTKTFo4pJwH5i:6EE/JFizuP7Bdd04JFoG85
Entry address: 0x7B11E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Entropy: 5.2338
Developed / compiled with: Microsoft Visual C# / Basic .NET
Code size: 484.5 KB (496,128 bytes)

The file console id stealer and generator v2.exe has been seen being distributed by the following 3 URLs.

http://download652.mediafire.com/wfdo0ze5z7sg/.../Console ID Stealer and Generator v2.exe
