Craib0.exe

Unextricable4

Axialis SA

The file Craib0.exe has been detected as malware by 32 anti-virus scanners.

Publisher:
TeraByte Unlimited (signed by Axialis SA)

Product:
Unextricable4

Description:
Evarts2

Version:
1.00

MD5:
fc7250789ec59470cecda4d5b18468ca

SHA-1:
d77d5c2825c9e06f62457bdd8e45e457b3fe2997

SHA-256:
835ed20e57a3a92906130507f10cf151191436caf9401d99c40bb614ac8b48df

Scanner detections:
32 / 68

Status:
Malware

Analysis date:
5/10/2024 3:55:12 AM UTC

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Jaik.8823
392

Agnitum Outpost
Trojan.Injector
7.1.1

Avira AntiVirus
TR/Dropper.VB.37174
8.3.2.2

Arcabit
Trojan.Jaik.D2277
1.0.0.582

avast!
Win32:Agent-BAUD [Trj]
160108-0

AVG
Inject3
2017.0.2870

Baidu Antivirus
Trojan.Win32.Injector
4.0.3.1619

Bitdefender
Gen:Variant.Jaik.8823
1.0.20.45

Bkav FE
W32.GenericRepexitA.Trojan
1.3.0.7237

Comodo Security
UnclassifiedMalware
23445

Dr.Web
Trojan.PWS.Steam.6886
9.0.1.05190

Emsisoft Anti-Malware
Gen:Variant.Symmi.59205
10.0.0.5366

ESET NOD32
Win32/Injector.CJNN trojan
7.0.302.0

Fortinet FortiGate
W32/Injector.CJPA!tr
1/9/2016

F-Secure
Gen:Variant.Symmi.59205
5.05.7110

G Data
Gen:Variant.Jaik.8823
16.1.25

IKARUS anti.virus
Trojan.Win32.Injector
t3scan.1.9.5.0

K7 AntiVirus
Trojan
13.211.17582

Kaspersky
HEUR:Trojan.Win32.Generic
14.0.0.843

Malwarebytes
Trojan.Tinba
v2016.01.09.09

McAfee
Trojan.Packed-FO!FC7250789EC5
16.8.708.2

Microsoft Security Essentials
VirTool:Win32/Injector.FQ
1.1.12101.0

MicroWorld eScan
Gen:Variant.Jaik.8823
17.0.0.27

NANO AntiVirus
Trojan.Win32.Steam.dxpoxp
0.30.26.3947

Norman
Gen:Variant.Symmi.59205
17.12.2015 06:34:11

Panda Antivirus
Generic Suspicious
16.01.09.09

Qihoo 360 Security
HEUR/QVM03.0.Malware.Gen
1.0.0.1015

Sophos
Virus 'Troj/VBInj-MC'
5.22

Trend Micro
TROJ_GEN.R08NC0PJ315
10.465.09

VIPRE Antivirus
Trojan.Win32.Generic
44666

ViRobot
Trojan.Win32.S.Agent.250096.C[h]
2014.3.20.0

Zillya! Antivirus
Trojan.Injector.Win32.323264
2.0.0.2457

File size:
244.2 KB (250,096 bytes)

Product version:
1.00

Original file name:
Craib0.exe

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\9291.tmp

Digital Signature
Signed by:

Authority:
The USERTRUST Network

Valid from:
5/25/2010 9:00:00 PM

Valid to:
5/25/2013 8:59:59 PM

Subject:
CN=Axialis SA, O=Axialis SA, STREET="1, rue de Stockholm", L=Paris, S=IDF, PostalCode=75008, C=FR

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
547046B7B2A6FCFA4EA06B2A81A3AF8F

File PE Metadata
Compilation timestamp:
9/28/2015 9:34:20 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:hUU4a0fTF9JLUSTnYnZRPQgin1hOvpQcntyy8KCKVe:hUUcLLJLXTYkt1YxUy8KCKc

Entry address:
0x14EC

Entry point:
68, D0, 66, 43, 00, E8, EE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 38, 00, 00, 00, 00, 00, 00, 00, A7, C6, C4, 77, A1, 7F, 11, 47, B6, 46, 08, 9B, D3, 83, 1A, 2C, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, E0, 9A, 86, 00, 41, 67, 70, 61, 69, 74, 65, 00, 00, 00, 00, 00, FF, CC, 31, 00, 03, 7E, D2, 1F, 81, 95, FF, CC, 49, A6, 28, 43, 45, 1B, 74, CF, E4, 0B, 16, 07, DB, 81, E6, 79, 4E, 96, 1F, EB, 40, B2, 6C, 74, B6, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00, AA, 00, 60, D3, 93, 00, 00, 00...
 

Developed / compiled with:
Microsoft Visual Basic v5.0/v6.0

Code size:
228 KB (233,472 bytes)
