cute-spring-photo-collection-img001-jpeg.exe

The executable cute-spring-photo-collection-img001-jpeg.exe has been detected as malware by 23 anti-virus scanners. The file has been seen being downloaded from catalog.chaosium.com.
MD5:
eb94f50e74252e48252ea5a56505ae3d

SHA-1:
60fe19030e5b280914fc53d6763ee1949f5b3f24

SHA-256:
85c5bd97a226bce5cee197aaa2fabab479810f4c915a14f35c86416f14768650

Scanner detections:
23 / 68

Status:
Malware

Analysis date:
4/26/2024 10:59:39 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Trojan.GenericKD.1620532 | 351 |
| Agnitum Outpost | Trojan.PWS.Fareit | 7.1.1 |
| Avira AntiVirus | TR/Dropper.VB.13622 | 7.11.139.166 |
| AVG | PSW.Generic12 | 2017.0.2829 |
| Baidu Antivirus | Trojan.Win32.InfoStealer | 4.0.3.16218 |
| Bitdefender | Trojan.GenericKD.1620532 | 1.0.20.245 |
| Bkav FE | HW32.CDB | 1.3.0.4959 |
| Emsisoft Anti-Malware | Trojan.GenericKD.1620532 | 8.16.02.18.07 |
| ESET NOD32 | Win32/Injector.BAQA | 10.9605 |
| Fortinet FortiGate | W32/Fareit.ALM!tr.pws | 2/18/2016 |
| F-Secure | Trojan.GenericKD.1620532 | 11.2016-18-02_5 |
| G Data | Trojan.GenericKD.1620532 | 16.2.24 |
| K7 AntiVirus | Riskware | 13.176.11584 |
| Kaspersky | Trojan-PSW.Win32.Fareit | 14.0.0.641 |
| Malwarebytes | Spyware.Passwords | v2016.02.18.07 |
| McAfee | W32/Worm-FTD!Gamarue | 5600.6485 |
| Microsoft Security Essentials | VirTool:Win32/VBInject.ADA | 1.10401 |
| MicroWorld eScan | Trojan.GenericKD.1620532 | 17.0.0.147 |
| Panda Antivirus | Trj/CI.A | 16.02.18.07 |
| Qihoo 360 Security | HEUR/Malware.QVM03.Gen | 1.0.0.1015 |
| Sophos | Mal/VB-ALM | 4.98 |
| Trend Micro House Call | TROJ_GEN.F47V0326 | 7.2.49 |
| VIPRE Antivirus | Trojan.Win32.Generic | 27792 |

File size:
154.4 KB (158,149 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\cute-spring-photo-collection-img001-jpeg.exe

File PE Metadata
Compilation timestamp:
3/26/2014 11:09:39 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:cEsYKQ8Wr8boV8VmGpaGmYAZ3DUsGoyqwQJ4JEbhNILt:9sU3rDV8VD6YAZ342ZJ4JyNq

Entry address:
0x14EC

Entry point:
68, F8, 16, 40, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, C0, 84, F7, 78, 76, 18, 4E, 40, B7, 80, B2, E6, 8C, 33, 78, E9, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 43, 69, 6F, 61, 6B, 61, 6E, 61, 68, 7A, 79, 7A, 61, 68, 00, 00, 00, 00, 00, 00, FF, CC, 31, 00, 00, 33, 7C, 65, 58, D6, 2F, A6, 4F, B6, A6, 3D, 93, 19, 3C, E9, 0E, D8, 88, A2, 56, BE, 55, 55, 46, 94, F7, EA, 00, D9, 9F, 2D, E9, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...
 

Entropy:
7.3206

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
28 KB (28,672 bytes)

The file cute-spring-photo-collection-img001-jpeg.exe has been seen being distributed by the following URL.
