drevernet.exe

The executable drevernet.exe, “бесほ五Ө四ӔḔ事亊ЉまаЦеъうөӨうШкḔъはẦḒго”, has been detected as malware by 28 anti-virus scanners. The file has been seen being downloaded from www.weebly.com.
Publisher:
ώл亊қいсаほЏЦḈ革ҘШҼϐ事ЖлḈḆӨうгФиШбба

Product:
めбЀḈḆこϟ亊骨与へ予Шひふ六ьаЌҼгӨдへḔЊへбрЦ

Description:
бесほ五Ө四ӔḔ事亊ЉまаЦеъうөӨうШкḔъはẦḒго

Version:
848.2645.2645.2645

MD5:
cbd968799786e1589a2a8fc9f11105dc

SHA-1:
bc2b46a51a8dddafe40ae558abfb84a5b6ffd516

SHA-256:
93501262077473980079cb8de814bdf6a15d00894311645656df4dc7b29402b5

Scanner detections:
28 / 68

Status:
Malware

Analysis date:
4/26/2024 1:02:32 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Kazy.388871 | 336 |
| Agnitum Outpost | Trojan.DR.Sysn | 7.1.1 |
| AhnLab V3 Security | Trojan/Win32.Gen | 2015.05.20 |
| Avira AntiVirus | TR/BitForce.A.58 | 8.3.1.6 |
| avast! | MSIL:GenMalicious-J [Trj] | 2014.9-160305 |
| AVG | MSIL2 | 2017.0.2814 |
| Baidu Antivirus | Trojan.Win32.Dropper | 4.0.3.1635 |
| Bitdefender | Gen:Variant.Kazy.388871 | 1.0.20.325 |
| Comodo Security | UnclassifiedMalware | 22181 |
| Emsisoft Anti-Malware | Gen:Variant.Kazy.388871 | 8.16.03.05.07 |
| ESET NOD32 | MSIL/Kryptik.TT (variant) | 10.11653 |
| Fortinet FortiGate | MSIL/Kryptik.TR!tr | 3/5/2016 |
| F-Secure | Gen:Variant.Kazy.388871 | 11.2016-05-03_7 |
| G Data | Gen:Variant.Kazy.388871 | 16.3.25 |
| IKARUS anti.virus | Trojan.MSIL2 | t3scan.1.8.9.0 |
| K7 AntiVirus | Trojan | 13.204.15963 |
| Kaspersky | Trojan-Dropper.Win32.Sysn | 14.0.0.564 |
| Malwarebytes | Backdoor.Agent.PTCGen | v2016.03.05.07 |
| McAfee | Artemis!CBD968799786 | 5600.6470 |
| Microsoft Security Essentials | Trojan:Win32/Dynamer!ac | 1.1.11701.0 |
| MicroWorld eScan | Gen:Variant.Kazy.388871 | 17.0.0.195 |
| NANO AntiVirus | Trojan.Win32.Autoruner2.dkkuaf | 0.30.24.1357 |
| Norman | Troj_Generic.UVTIP | 11.20160305 |
| Panda Antivirus | Generic Malware | 16.03.05.07 |
| Qihoo 360 Security | Win32/Trojan.Dropper.4c4 | 1.0.0.1015 |
| Sophos | Mal/Generic-S | 4.98 |
| Vba32 AntiVirus | TrojanDropper.Sysn | 3.12.26.4 |
| VIPRE Antivirus | Trojan.Win32.Generic | 40392 |

File size:
2.9 MB (3,058,688 bytes)

Product version:
848.2645.2645.2645

Copyright:
Copyright © мほҼ争г六Ѐ骨難ӔへこаҘみ六ӨуаЊолөϟсお与ШҶは 226458484

Trademarks:
оωώҼく予ḈтҶえか四Цくうώқ難ḈөωққгЦかлもзҍ

Original file name:
Patch.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\roaming\drevernet.exe

File PE Metadata
Compilation timestamp:
7/5/2014 7:24:30 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
24576:UJvp0pOT6Yp3pzrRZ1MqdF7prL5RcGPUxLvsq6yTvQ4DSTcBFC33eRhE70uwesS4:UhPMqdFnScKFjtuCV8a0p4H

Entry address:
0x2EBF8E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Entropy:
6.0836

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
2.9 MB (3,055,616 bytes)

The file drevernet.exe has been seen being distributed by the following URL.
