dd0d91dd1b0bdad10498a8f777921449

Product

Dean Herbert

The file dd0d91dd1b0bdad10498a8f777921449 has been detected as malware by 19 anti-virus scanners.
Publisher:
Company  (signed by Dean Herbert)

Product:
Product

Description:
Title

Version:
0.0.0.0

MD5:
dd0d91dd1b0bdad10498a8f777921449

SHA-1:
dfcf85edcb6fcf3de893b047c6b3f74ea2ffa688

SHA-256:
13356b2661a8432ca1bd18c4bf624d14817d5833484a5092375ce1a9d7e477f5

Scanner detections:
19 / 68

Status:
Malware

Analysis date:
4/25/2024 1:02:19 AM UTC  (today)

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Trojan.GenericKD.1983339 | 804 |
| AhnLab V3 Security | Spyware/Win32.Limitail | 2014.11.20 |
| Avira AntiVirus | TR/Dropper.MSIL.97820 | 7.11.187.128 |
| AVG | MSIL5 | 2015.0.3282 |
| Baidu Antivirus | Trojan.MSIL.Injector | 4.0.3.141123 |
| Bitdefender | Trojan.GenericKD.1983339 | 1.0.20.1635 |
| Dr.Web | Trojan.PWS.Siggen.36594 | 9.0.1.0327 |
| Emsisoft Anti-Malware | Trojan.MSIL.Injector | 8.14.11.23.09 |
| ESET NOD32 | MSIL/Injector.GEF (variant) | 8.10750 |
| Fortinet FortiGate | MSIL/Injector.FZD!tr | 11/23/2014 |
| G Data | Trojan.GenericKD.1983339 | 14.11.24 |
| IKARUS anti.virus | Trojan.MSIL.Inject | t3scan.1.8.3.0 |
| Kaspersky | Trojan.MSIL.Kryptik | 14.0.0.2903 |
| Malwarebytes | Trojan.MSIL | v2014.11.23.09 |
| McAfee | Artemis!DD0D91DD1B0B | 5600.6938 |
| MicroWorld eScan | Trojan.GenericKD.1983339 | 15.0.0.981 |
| Qihoo 360 Security | HEUR/QVM03.0.Malware.Gen | 1.0.0.1015 |
| Sophos | Troj/dnCreek-D | 4.98 |
| Trend Micro House Call | Suspicious_GEN.F47V1119 | 7.2.327 |

File size:
316.1 KB (323,664 bytes)

Product version:
0.0.0.0

Copyright:
Copyrights

Trademarks:
Trademark

Original file name:
dummy.exe

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\91\dd0d91dd1b0bdad10498a8f777921449

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
9/28/2012 1:00:00 AM

Valid to:
9/29/2015 12:59:59 AM

Subject:
CN=Dean Herbert, O=Dean Herbert, STREET=41 Gregory Street, STREET=Wembley, L=Perth, S=WA, PostalCode=6014, C=AU

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00FD15503D4AF404C84200F5CCC3C99380

File PE Metadata
Compilation timestamp:
11/17/2014 8:00:13 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:rPh6tyMlU+2h6tyMlF+H/n/NEpjcvST+ROEPOovzKg:rPh6tyMlU5h6tyMl4n/NE0POSn

Entry address:
0x363FE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Entropy:
6.0235

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
209.5 KB (214,528 bytes)
