» diana asphal 15.03.2017.com
Overview
Analysis
File Details

diana asphal 15.03.2017.com

The file diana asphal 15.03.2017.com has been detected as malware by 11 anti-virus scanners.

File name:

MD5:

4915209fb54dc864b7f66c6b3e063c99

SHA-1:

bf2d9aa30d25a91d4d23c6d0e41f174db47c9150

SHA-256:

ebf305a884dfeba487b55af66c2670b08efbd9cf79725399b005ba4462ac506d

Scanner detections:

11 / 68

Status:

Malware

Analysis date:

4/25/2024 8:07:54 PM UTC (today)

Scan engine

Detection

Engine version

AegisLab AV Signature

Troj.W32.Nymaim.to85

2.1.4+

Avira AntiVirus

TR/Crypt.ZPACK.rizbo

8.3.3.4

avast!

Win32:Malware-gen

2014.9-170316

Dr.Web

Trojan.Nymaim.143

9.0.1.075

ESET NOD32

Win32/TrojanDownloader.Nymaim.BA

11.15096

Fortinet FortiGate

W32/Kryptik.FPSB!tr

3/16/2017

F-Prot

W32/Trojan3.YSA

v6.4.7.1.166

IKARUS anti.virus

Trojan.Inject

0.2.1.2

Kaspersky

Trojan.Win32.Nymaim

14.0.0.-1317

McAfee

Trojan-FLPA!4915209FB54D

5600.6094

Sophos

Mal/Generic-S

4.98

File size:

675.5 KB (691,712 bytes)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\diana asphal 15.03.2017.com

File PE Metadata

Compilation timestamp:

10/15/2006 6:31:28 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.0

Entry address:

0x1000

Entry point:

6A, 00, FF, 15, 74, 6A, 41, 00, A3, 04, 2A, 42, 00, FF, 15, FC, 69, 41, 00, A3, 08, 2A, 42, 00, FF, 35, 08, 2A, 42, 00, 6A, 00, 68, FF, 0F, 1F, 00, FF, 15, 70, 6B, 41, 00, A3, 04, 2A, 42, 00, 0B, C0, 74, 72, 8D, 3D, 00, 29, 42, 00, C6, 07, 4D, 68, 08, 2A, 42, 00, 6A, 01, 68, 00, 29, 42, 00, 68, 00, 00, 40, 00, FF, 35, 04, 2A, 42, 00, FF, 15, 74, 6B, 41, 00, 8D, 3D, 00, 29, 42, 00, C6, 07, 4D, 68, 08, 2A, 42, 00, 6A, 01, 68, 00, 29, 42, 00, 68, 00, 00, 40, 00, FF, 35, 04, 2A, 42, 00, FF, 15, 74, 6B, 41, 00... 
[+]

Packer / compiler:

FASM v1.3x

Code size:

80.5 KB (82,432 bytes)

Remove diana asphal 15.03.2017.com - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.