dfx11setup_softexia.com.exe

The executable dfx11setup_softexia.com.exe has been detected as malware by 35 anti-virus scanners. The file has been seen being downloaded from www.softexia.com.
MD5:
ab1b3e85faa0a194dcbf606009d1760b

SHA-1:
82c8a0bbd84940e8fe97254c9b9bae6c472392f2

SHA-256:
6996b3f943da24454bdb2450014e7823e38194af0b9793973536c221b95d9899

Scanner detections:
35 / 68

Status:
Malware

Analysis date:
4/25/2024 10:22:03 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Win32.Runouce.B@mm | 5742490 |
| Agnitum Outpost | I-Worm.Chir.B | 7.1.1 |
| AhnLab V3 Security | Win32/ChiHack.6652 | 2015.11.10 |
| Avira AntiVirus | W32/Chir.B | 8.3.2.2 |
| Arcabit | Win32.Runouce.E2C45E | 1.0.0.593 |
| avast! | Win32:Runouce-E [Trj] | 151024-0 |
| AVG | Win32/Chir | 2015.0.4355 |
| Bitdefender | Win32.Runouce.B@mm | 1.0.20.1565 |
| Clam AntiVirus | WIN.Worm.Brontok | 0.98/21048 |
| Comodo Security | EmailWorm.Win32.Runonce.~v001 | 23561 |
| Dr.Web | Win32.Runonce.6652 | 9.0.1.05190 |
| Emsisoft Anti-Malware | Win32.Runouce.B@mm | 10.0.0.5366 |
| ESET NOD32 | Win32/Chir.B virus | 7.0.302.0 |
| Fortinet FortiGate | W32/Chir.B@mm | 11/9/2015 |
| F-Prot | W32/Agent.JX.gen!Eldorado (generic, damaged, not disinfectable) | 4.6.5.141 |
| F-Secure | Win32.Runouce.B@mm | 5.15.21 |
| G Data | Win32.Runouce.B@mm | 15.11.25 |
| IKARUS anti.virus | Email-Worm.Win32.Runouce | t3scan.1.9.5.0 |
| Kaspersky | Email-Worm.Win32.Runouce | 15.0.0.543 |
| McAfee | Virus.W32/Chir.gen@MM!remanants | 18.0.204.0 |
| MicroWorld eScan | Win32.Runouce.B@mm | 16.0.0.939 |
| NANO AntiVirus | Trojan.Win32.IframeExec.dteiuc | 0.30.26.4437 |
| Norman | Win32.Runouce.B@mm | 07.10.2015 03:16:12 |
| nProtect | Win32.Runouce.B@mm | 15.11.09.01 |
| Panda Antivirus | Generic Malware | 15.11.09.11 |
| Qihoo 360 Security | Virus.Win32.CNHacker.B | 1.0.0.1077 |
| Quick Heal | W32.Runouce.B | 11.15.14.00 |
| Rising Antivirus | PE:Worm.Runouce!1.9DC6 [F] | 23.00.65.151107 |
| Sophos | Virus 'W32/Chir-B' | 5.15 |
| Total Defense | Win32/Chir.B | 37.1.62.1 |
| Trend Micro House Call | WORM_CHIR.DI | 7.2.313 |
| Trend Micro | WORM_CHIR.DI | 10.465.09 |
| VIPRE Antivirus | Threat.4672667 | 45062 |
| ViRobot | Win32.Chir.B[h] | 2014.3.20.0 |
| Zillya! Antivirus | Worm.RunOnce.Win32.2 | 2.0.0.2500 |

File size:
52.9 KB (54,141 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\dfx11setup_softexia.com.exe

File PE Metadata
Compilation timestamp:
2/24/2012 10:19:59 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
1536:BVdePelp2Xy+tuQOiisKldJrisKldJmisKldJIisKldJbisKldJ:SweatQtrtttAt

Entry address:
0x307581

Entry point:
4D, 5A, 90, 00, 03, 00, 00, 00, 04, 00, 00, 00, FF, FF, 00, 00, B8, 00, 00, 00, 00, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, D0, 00, 00, 00, 0E, 1F, BA, 0E, 00, B4, 09, CD, 21, B8, 01, 4C, CD, 21, 54, 68, 69, 73, 20, 70, 72, 6F, 67, 72, 61, 6D, 20, 63, 61, 6E, 6E, 6F, 74, 20, 62, 65, 20, 72, 75, 6E, 20, 69, 6E, 20, 44, 4F, 53, 20, 6D, 6F, 64, 65, 2E, 0D, 0D, 0A, 24, 00, 00, 00, 00, 00, 00, 00...
 

Entropy:
6.4347

Code size:
28 KB (28,672 bytes)

The file dfx11setup_softexia.com.exe has been seen being distributed by the following URL.
