» cyberclient.exe
Overview
Analysis
File Details
Behaviors (1)

cyberclient.exe

CyberPlanet

FIDEL HORACIO DALI

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Client’.

File name:

cyberclient.exe

Publisher:

Proyecto Redes (signed by FIDEL HORACIO DALI)

Product:

CyberPlanet

Version:

6.00.0011

MD5:

767057f593906196de0e9cf14c2d5897

SHA-1:

57cbfa2207bd1c0b99fd17cba251f0bf1d48d15a

Scanner detections:

16 / 68

Status:

Clean (16 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

4/18/2024 6:42:41 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.Generic.6932339

356

Avira AntiVirus

TR/Offend.6932341.3

7.11.209.218

avast!

Win32:Malware-gen

2014.9-160214

Bitdefender

Trojan.Generic.6932339

1.0.20.225

Comodo Security

UnclassifiedMalware

21053

Dr.Web

BACKDOOR.Trojan

9.0.1.045

Emsisoft Anti-Malware

Trojan.Generic.6932339

8.16.02.14.01

F-Secure

Trojan.Generic.6932339

11.2016-14-02_1

G Data

Trojan.Generic.6932339

16.2.25

IKARUS anti.virus

Trojan.Offend

t3scan.1.8.6.0

McAfee

Artemis!081DC79D1F2D

5600.6490

MicroWorld eScan

Trojan.Generic.6932339

17.0.0.135

nProtect

Trojan.Generic.6932339

15.02.12.01

Qihoo 360 Security

HEUR/Malware.QVM01.Gen

1.0.0.1015

Rising Antivirus

PE:Trojan.Win32.Generic.13730177!326304119

23.00.65.16212

Vba32 AntiVirus

BScope.Trojan.Diple

3.12.26.3

File size:

635.7 KB (650,984 bytes)

Product version:

6.00.0011

Fidel Dali

Trademarks:

Proyecto Redes

Original file name:

cyberclient.exe

File type:

Executable application (Win32 EXE)

Language:

Spanish

Common path:

C:\Program Files\cyberclient\cyberclient.exe

Digital Signature

Signed by:

FIDEL HORACIO DALI

Authority:

The USERTRUST Network

Valid from:

7/15/2010 9:00:00 PM

Valid to:

7/16/2011 8:59:59 PM

Subject:

CN=FIDEL HORACIO DALI, O=FIDEL HORACIO DALI, STREET=Ciudad De La Paz 1701, L=Ciudad de Buenos Aires, S=Buenos Aires, PostalCode=1426, C=AR

Issuer:

CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:

00E3ECFF8CB34CC62F22F45BA9EBCF5E4A

File PE Metadata

Compilation timestamp:

5/6/2011 2:54:43 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

12288:8dGqruEWQgxlYL7XsUMuEw1u9mBj4wB63rx0gulU/yQXpkjIyD:88u14EXMuxQ9mVB6F7ulUKjl

Entry address:

0x1ED940

Entry point:

0F, BE, D3, 33, CA, 81, C8, 18, C1, 35, 34, 8D, 2D, D7, C5, 62, 17, 0F, CB, 57, C7, C0, 28, BE, A8, 02, 5E, 0B, FA, 81, FE, 09, DC, 00, 00, 75, 05, BD, E8, 41, 40, 62, 2B, CE, F6, C7, 8C, 68, AF, E3, 1D, 00, 50, BD, C4, 30, 0C, 95, 21, DD, F6, DA, 38, C9, 05, E9, 23, D6, 12, 3B, EE, BB, F0, 33, FF, FF, 38, D6, 81, F3, 75, CD, 00, 00, B5, 5E, 81, C3, 7B, 01, 00, 00, 15, 4E, A4, 24, 48, 81, C3, 46, 0F, 00, 00, 81, FA, 74, 04, 00, 00, 72, 06, F7, D0, 84, F0, FF, C6, 81, EB, 46, 0F, 00, 00, 87, D7, 38, FA, 3B... 
[+]

Code size:

524 KB (536,576 bytes)

Startup File (All Users Run)

Registry location:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:

Client

Command:

C:\Program Files\cyberclient\cyberclient.exe

Scan cyberclient.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.