» doc-00-7o-docs_googleusercontent_com
Overview
Analysis
File Details
Downloads (1)

doc-00-7o-docs_googleusercontent_com

video

The file doc-00-7o-docs_googleusercontent_com has been detected as malware by 20 anti-virus scanners. The file has been seen being downloaded from goo.gl.

File name:

Publisher:

video

Product:

video

Version:

1.0.0.0

MD5:

a5e83c16d79ac9e6f4ac343ac69d3454

SHA-1:

e4deab01be1ddf2861b7dec67904b9ed86cd9d37

SHA-256:

12c3f877a12dcc143c735ed143db4d879a2d2175bd8a633376bec010ceacf7ac

Scanner detections:

20 / 68

Status:

Malware

Analysis date:

4/19/2024 10:34:31 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Zusy.154675

523

Avira AntiVirus

TR/Dropper.MSIL.177631

8.3.1.6

Arcabit

Trojan.Zusy.D25C33

1.0.0.425

avast!

Win32:Malware-gen

2014.9-150830

AVG

MSIL8

2016.0.3001

Baidu Antivirus

Trojan.Win32.Balamid

4.0.3.15830

Bitdefender

Gen:Variant.Zusy.154675

1.0.20.1210

Emsisoft Anti-Malware

Gen:Variant.Zusy.154675

8.15.08.30.08

Fortinet FortiGate

W32/Balamid.VR!tr.dldr

8/30/2015

F-Secure

Gen:Variant.Zusy.154675

11.2015-30-08_1

G Data

Gen:Variant.Zusy.154675

15.8.25

K7 AntiVirus

Riskware

13.2016893

Kaspersky

Trojan-Downloader.MSIL.Balamid

14.0.0.1501

McAfee

Artemis!A5E83C16D79A

5600.6657

MicroWorld eScan

Gen:Variant.Zusy.154675

16.0.0.726

Panda Antivirus

Trj/CI.A

15.08.30.08

Rising Antivirus

PE:Trojan.Win32.Generic.18EB5A65!418077285

23.00.65.15828

Sophos

Mal/Generic-S

4.98

Trend Micro

TROJ_GEN.R047C0EHC15

10.465.30

VIPRE Antivirus

Trojan.Win32.Generic

42878

File size:

123.5 KB (126,464 bytes)

Product version:

1.0.0.0

2015

Original file name:

video.exe

Language:

Language Neutral

Common path:

C:\users\{user}\appdata\roaming\idm\dwnldata\shohidul\doc-00-7o-docs_googleusercontent_com_300\doc-00-7o-docs_googleusercontent_com

File PE Metadata

Compilation timestamp:

7/31/2015 7:34:44 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

3072:hfTjYtRqLr/sgbzg9TGsXBZ048XB1GB1mNX:tjYtZgbM9ThZ0BX

Entry address:

0x1B34E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

5.6276

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

101 KB (103,424 bytes)

The file doc-00-7o-docs_googleusercontent_com has been seen being distributed by the following URL.

https://goo.gl/vUOp3p

Remove doc-00-7o-docs_googleusercontent_com - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.