documents.scr

The file documents.scr has been detected as malware by 39 anti-virus scanners. According to AVG, this software downloads additional adware offers during setup.
MD5:
79b1f47c0dfd99f974d2920a381ad91f

SHA-1:
c440b90511dcbe337e04dd56ce582f8c7441e891

SHA-256:
687c7d8030b9f15bd2ef857116ef8c0c6fe83aa998ff32dab406beb0d4e759c2

Scanner detections:
39 / 68

Status:
Malware

Analysis date:
5/4/2024 8:30:57 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Trojan.GenericKD.1856466 | 856 |
| Agnitum Outpost | Trojan.Cryptodef | 7.1.1 |
| AhnLab V3 Security | Trojan/Win32.Inject | 2014.09.25 |
| Avira AntiVirus | TR/ATRAPS.A.1789 | 7.11.174.84 |
| avast! | Win32:Malware-gen | 2014.9-141002 |
| AVG | Downloader.Generic14 | 2015.0.3334 |
| Baidu Antivirus | Trojan.Win32.Waski | 4.0.3.14102 |
| Bitdefender | Trojan.GenericKD.1856466 | 1.0.20.1375 |
| Comodo Security | TrojWare.Win32.Agent.hets | 19615 |
| Dr.Web | Trojan.Dyre.25 | 9.0.1.0275 |
| Emsisoft Anti-Malware | Trojan.GenericKD.1856466 | 8.14.10.02.05 |
| ESET NOD32 | Win32/TrojanDownloader.Waski | 8.10461 |
| Fortinet FortiGate | W32/Cryptodef.BIQ!tr | 10/2/2014 |
| F-Prot | W32/Trojan3.KSV | v6.4.7.1.166 |
| F-Secure | Trojan.GenericKD.1856466 | 11.2014-02-10_5 |
| G Data | Trojan.GenericKD.1856466 | 14.10.24 |
| IKARUS anti.virus | Win32.SuspectCrc | t3scan.1.7.8.0 |
| K7 AntiVirus | Trojan-Downloader | 13.183.13476 |
| Kaspersky | Trojan-Ransom.Win32.Cryptodef | 14.0.0.3164 |
| Malwarebytes | Trojan.Upatre | v2014.10.02.05 |
| McAfee | RDN/Generic.bfr!hq | 5600.6990 |
| Microsoft Security Essentials | TrojanDownloader:Win32/Upatre.AG | 1.11005 |
| MicroWorld eScan | Trojan.GenericKD.1856466 | 15.0.0.825 |
| NANO AntiVirus | Trojan.Win32.Dyre.dewarc | 0.28.2.62286 |
| Norman | Upatre.FC | 11.20141002 |
| nProtect | Trojan.GenericKD.1856466 | 14.09.24.01 |
| Panda Antivirus | Trj/Chgt.F | 14.10.02.05 |
| Qihoo 360 Security | Trojan.Generic | 1.0.0.1015 |
| Quick Heal | TrojanDwnldr.Upatre.AA4 | 10.14.14.00 |
| Rising Antivirus | PE:Trojan.Win32.Generic.174A59F5!390748661 | 23.00.65.14930 |
| Sophos | Troj/HkMain-AZ | 4.98 |
| SUPERAntiSpyware | Trojan.Agent/Gen-Ursnif | 10325 |
| Total Defense | Win32/Tnega.fDXJFOC | 37.0.11198 |
| Trend Micro House Call | TROJ_GEN.R0C2C0FID14 | 7.2.275 |
| Trend Micro | TROJ_GEN.R0C2C0FID14 | 10.465.02 |
| Vba32 AntiVirus | Hoax.Cryptodef | 3.12.26.3 |
| VIPRE Antivirus | Trojan.Win32.Generic | 33410 |
| ViRobot | Trojan.Win32.S.Inject.22528.E | 2011.4.7.4223 |
| Zillya! Antivirus | Downloader.Waski.Win32.1249 | 2.0.0.1933 |

File size:
22 KB (22,528 bytes)

Language:
English (United States)

File PE Metadata
Compilation timestamp:
2/28/1973 1:40:04 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.0

CTPH (ssdeep):
192:tbJVvBjraenIHX9+f1qulZjYpjorHq1oynIJguqv4E5rMdPqaDdDWLkqUN:tbTpjG7X9ehZjYp4K11p5rMhXh6UN

Entry address:
0x1430

Entry point:
57, 56, 53, 51, E8, 4A, FE, FF, FF, C3, CC, CC, CC, CC, CC, CC, 55, 8B, EC, 83, EC, 5C, 8B, 45, 0C, 89, 45, A8, 83, 7D, A8, 01, 74, 1C, 83, 7D, A8, 0F, 0F, 84, 4C, 01, 00, 00, 81, 7D, A8, 11, 01, 00, 00, 0F, 84, B9, 00, 00, 00, E9, 3C, 01, 00, 00, 8B, 4D, 08, 89, 0D, C8, 40, 40, 00, 6A, 00, 8B, 15, 6E, 40, 40, 00, 52, 6A, 00, 8B, 45, 08, 50, 6A, 1C, 68, A0, 00, 00, 00, 6A, 28, 6A, 28, 68, 04, 00, 00, 40, 68, 30, 40, 40, 00, 68, CC, 30, 40, 00, 6A, 00, FF, 15, 84, 30, 40, 00, A3, CC, 40, 40, 00, 6A, 00, 68...
 

Entropy:
5.0979

Code size:
6 KB (6,144 bytes)
