home

control.exe

Control

Control Typelib Cache

The executable control.exe has been detected as malware by 34 anti-virus scanners.
Publisher:
Control Typelib Cache

Product:
Control

Description:
Microsoft

Version:
1.00

MD5:
f32f357842d54e80eff600331ffbd1f2

SHA-1:
d663f616521bc02c4a123fa99d76eadec118d318

SHA-256:
2494577a590fdddf0bdd824eb68eef17648000de696eec9f6653e8a30b09e029

Scanner detections:
34 / 68

Status:
Malware

Analysis date:
4/25/2024 4:26:17 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Symmi.37762
887

Agnitum Outpost
Trojan.Writos
7.1.1

AhnLab V3 Security
Trojan/Win32.Writos
2014.08.23

Avira AntiVirus
TR/Dropper.Gen
7.11.168.230

avast!
Win32:Malware-gen
2014.9-140901

AVG
VB2
2015.0.3365

Bitdefender
Gen:Variant.Symmi.37762
1.0.20.1220

Comodo Security
TrojWare.Win32.Writos.QOXZ
19286

Dr.Web
Trojan.DownLoader9.19038
9.0.1.0244

Emsisoft Anti-Malware
Gen:Variant.Symmi.37762
8.14.09.01.04

ESET NOD32
Win32/VB.NPY (variant)
8.10300

Fortinet FortiGate
W32/VB.DXE!tr
9/1/2014

F-Prot
W32/VBInject.J.gen
v6.4.7.1.166

F-Secure
Gen:Variant.Symmi.37762
11.2014-01-09_2

G Data
Gen:Variant.Symmi.37762
14.9.24

IKARUS anti.virus
Backdoor.Win32.Blohi
t3scan.1.7.5.0

K7 AntiVirus
P2PWorm
13.183.13139

Malwarebytes
Trojan.Agent.MNR
v2014.09.01.04

McAfee
ObfuscatedAOT!hb!F32F357842D5
5600.7021

Microsoft Security Essentials
Backdoor:Win32/Blohi.B
1.10904

MicroWorld eScan
Gen:Variant.Symmi.37762
15.0.0.732

NANO AntiVirus
Trojan.Win32.Writos.cqiumu
0.28.2.61721

nProtect
Trojan/W32.Writos.443625
14.08.22.01

Panda Antivirus
Trj/Genetic.gen
14.09.01.04

Rising Antivirus
PE:Trojan.Win32.Generic.171CD6C6!387765958
23.00.65.14830

Sophos
Mal/VBCheMan-A
4.98

SUPERAntiSpyware
Trojan.Agent/Gen-Backdoor
10387

Total Defense
Win32/Tnega.YYCLOFB
37.0.11137

Trend Micro House Call
BKDR_BLOHI.SM
7.2.244

Trend Micro
BKDR_BLOHI.SM
10.465.01

Vba32 AntiVirus
Trojan.Writos
3.12.26.3

VIPRE Antivirus
Trojan.Win32.Generic
32466

ViRobot
Trojan.Win32.Agent.443621
2011.4.7.4223

Zillya! Antivirus
Trojan.Writos.Win32.183
2.0.0.1899

File size:
433.2 KB (443,625 bytes)

Product version:
1.00

Original file name:
zero.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\control.exe

File PE Metadata
Compilation timestamp:
11/9/2013 4:14:55 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:hASpHmw6eD3h/iI1UUjT3pZNFzg9R+sweu2ubSXVgwsUI69R:hlHIeD3h/N1jpZNi9R+swevu2XVgwZR

Entry address:
0x1248

Entry point:
68, DC, 75, 40, 00, E8, EE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 40, 29, 48, 6E, 39, AB, DC, 4E, 8D, 44, 75, 28, 9A, 6D, E5, 68, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 67, 73, 61, 66, 73, 61, 74, 73, 61, 63, 78, 7A, 67, 00, 00, 00, 00, 00, 00, 00, FF, CC, 31, 00, 00, 4B, CD, B4, 48, DB, 5A, 3E, 4F, 89, 50, 57, 65, 35, D3, A6, 5F, B9, 04, BA, F6, 78, 40, 2A, 40, 9F, 27, C0, 7A, D7, 67, 5C, 1C, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...
 
[+]

Entropy:
7.1966

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
400 KB (409,600 bytes)

Remove control.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.