home

downloadtool.exe

WindowsApplication1

The application downloadtool.exe has been detected as a potentially unwanted program by 18 anti-malware scanners.
Product:
WindowsApplication1

Version:
1.0.0.0

MD5:
1d79215e3794bea09664d8e2ba240526

SHA-1:
f4e6d944851dfd98593a08b3ba0d33c6f70037d6

SHA-256:
2f03c557f1e5e2a46a3a85cd41cfee302f613e76477db47788fe9decdca73a77

Scanner detections:
18 / 68

Status:
Potentially unwanted

Analysis date:
4/25/2024 4:19:25 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Trojan.GenericKD.1685442
896

avast!
Win32:Malware-gen
2014.9-140822

Baidu Antivirus
Trojan.MSIL.FakeHack
4.0.3.14822

Bitdefender
Trojan.GenericKD.1685442
1.0.20.1170

Comodo Security
UnclassifiedMalware
18986

Emsisoft Anti-Malware
Trojan.GenericKD.1685442
8.14.08.22.08

ESET NOD32
MSIL/Hoax.FakeHack.CK
8.10158

Fortinet FortiGate
Riskware/Hack
8/22/2014

F-Secure
Trojan.GenericKD.1685442
11.2014-22-08_6

G Data
Trojan.GenericKD.1685442
14.8.24

IKARUS anti.virus
Trojan.SuspectCRC
t3scan.1.6.1.0

McAfee
Artemis!1D79215E3794
5600.7030

MicroWorld eScan
Trojan.GenericKD.1685442
15.0.0.702

Norman
Troj_Generic.UFWOP
11.20140822

nProtect
Trojan.GenericKD.1685442
14.07.25.01

Qihoo 360 Security
Win32/Trojan.Hacktool.36a
1.0.0.1015

Trend Micro House Call
TROJ_GEN.R0CBH09GN14
7.2.234

VIPRE Antivirus
MSIL.Hoax.FakeHack (not malicious)
31642

File size:
778.5 KB (797,184 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2014

Original file name:
HackTool.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\downloadtool.exe

File PE Metadata
Compilation timestamp:
4/22/2014 9:16:52 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
12288:5CByhJYLCoiMJRzJ5r20N5RhdMcfSeGYAaRUO4gVoq8dLka6Yn3kru9hS:5qWaXj2a5DdfSfQCq2Aa6Y3egh

Entry address:
0xBFF2E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
760 KB (778,240 bytes)

Remove downloadtool.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.