crypted2.exe

The executable crypted2.exe has been detected as malware by 13 anti-virus scanners. This backdoor trojan may be used to conduct distributed denial of service attacks, to install additional trojans or other forms of malicious software, or to steal your sensitive information.

MD5:
6cb2dea83f2c52eca57cade9824fff95

SHA-1:
3882b2e99f4eff68b95ca47d73ba4188fc03412c

SHA-256:
74a48fb7ed557c8eb30a08984ad0ed905b9d915ff9b637701d20ba7413bd67f9

Scanner detections:
13 / 68

Status:
Malware

Analysis date:
4/23/2024 4:42:37 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Avira AntiVirus | TR/Dropper.Gen7 | 7.11.163.178 |
| avast! | MSIL:GenMalicious-M [Trj] | 2014.9-140822 |
| AVG | PSW.ILUSpy | 2015.0.3374 |
| ESET NOD32 | MSIL/Bladabindi.BF (variant) | 8.10144 |
| F-Prot | W32/MSIL_Bladabindi.A2.gen | v6.4.7.1.166 |
| IKARUS anti.virus | Backdoor.MSIL | t3scan.1.6.1.0 |
| K7 AntiVirus | Trojan | 13.181.12819 |
| Kaspersky | HEUR:Trojan.Win32.Generic | 14.0.0.3366 |
| Microsoft Security Essentials | Backdoor:MSIL/Bladabindi.AJ | 1.10802 |
| NANO AntiVirus | Trojan.Win32.Bladabi.cxlepk | 0.28.2.60990 |
| Qihoo 360 Security | Malware.QVM03.Gen | 1.0.0.1015 |
| Vba32 AntiVirus | TrojanDropper.Agent | 3.12.26.3 |
| VIPRE Antivirus | Backdoor.MSIL.Bladabindi.a | 31542 |

File size:
35 KB (35,840 bytes)

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
7/13/2014 3:41:48 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
768:WBh8zpRolwFFfcr9/TiEXD4STpp2zOFvkfWK+z:E8zpRoiFcBTiEXDVXCgvQW

Entry address:
0x7340

Entry point:
FF, 25, 30, 73, 40, 00, 00, 00, 5F, 43, 6F, 72, 45, 78, 65, 4D, 61, 69, 6E, 00, 6D, 73, 63, 6F, 72, 65, 65, 2E, 64, 6C, 6C, 00, 18, 0F, 00, 00, 89, 50, 4E, 47, 0D, 0A, 1A, 0A, 00, 00, 00, 0D, 49, 48, 44, 52, 00, 00, 00, 30, 00, 00, 00, 30, 08, 06, 00, 00, 00, 57, 02, F9, 87, 00, 00, 0E, DF, 49, 44, 41, 54, 78, 5E, EC, 94, CD, 6B, 13, 41, 18, 87, F7, 9D, 99, 9D, DD, 4D, AA, D6, A4, B5, 21, A6, 21, 49, 63, 08, FD, 50, 8B, 49, 4B, 4D, 6C, 34, 52, CD, 41, B4, 52, FF, 01, D1, 83, 28, 78, F1, 20, 6A, A0, 57, 7B...

Code size:
33 KB (33,792 bytes)
