dup106snp_p.exe

The executable dup106snp_p.exe has been detected as malware by 16 anti-virus scanners.

MD5: d7acda85a85920a1ec3178e9f27d66a1
SHA-1: cf7a5e10f69f5b0005db0f08a507b5f599ed1cf1
SHA-256: 526377322ed10567d7f811877b7506efa3706874e61182bc8f2b5771972eda30
Scanner detections: 16 / 68
Status: Malware
Analysis date: 4/19/2024 11:11:32 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Avira AntiVirus | SPR/Patcher.H.12 | 7.11.20.194 |
| AVG | Worm/Wukill.D | 2015.0.3334 |
| Comodo Security | UnclassifiedMalware | 11205 |
| Emsisoft Anti-Malware | PossibleThreat.Patch.Search&Replace!IK | 8.14.10.02.06 |
| ESET NOD32 | Win32/HackTool.Patcher (variant) | 8.6774 |
| Fortinet FortiGate | PossibleThreat.vw | 10/2/2014 |
| IKARUS anti.virus | PossibleThreat.Patch.Search&Replace | t3scan.1.1.109.0 |
| K7 AntiVirus | Riskware | 13.123.5881 |
| McAfee | Generic.dx!wvn | 5600.6990 |
| Norman | W32/Suspicious_Gen2.EMHWJ | 11.20141002 |
| Panda Antivirus | Trj/CI.A | 14.10.02.06 |
| Prevx | High Risk Worm | 3.0 |
| Quick Heal | Trojan.Agent.ni | 10.14.12.00 |
| Trend Micro House Call | TROJ_GEN.R26C3HV | 7.2.275 |
| Trend Micro | TROJ_GEN.R26C3HV | 10.465.02 |
| VIPRE Antivirus | Trojan.Win32.Generic | 11364 |

File size: 10 KB (10,240 bytes)
File type: Executable application (Win32 EXE)

File PE Metadata

Compilation timestamp: 7/18/2004 7:20:49 PM
OS version: 4.0
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 5.12
CTPH (ssdeep): 96:fGOHnl+5Lu1q9WTRaWGa2qGB1Ouq/PMLV6aH53j3k7PhG4G:hH0hu1q9Sqq2kTkAc3WJG4
Entry address: 0x1046

Entry point:
6A, 00, E8, D7, 10, 00, 00, A3, 00, 44, 40, 00, 6A, 00, 68, 6E, 10, 40, 00, 6A, 00, 6A, 01, FF, 35, 00, 44, 40, 00, E8, 38, 10, 00, 00, 50, E8, AA, 10, 00, 00, 55, 8B, EC, 60, 8B, 45, 08, A3, 14, 44, 40, 00, 81, 7D, 0C, 10, 01, 00, 00, 0F, 85, B6, 00, 00, 00, 68, 51, 40, 40, 00, 6A, 69, FF, 35, 14, 44, 40, 00, E8, 61, 10, 00, 00, 68, B5, 40, 40, 00, 6A, 68, FF, 35, 14, 44, 40, 00, E8, 4F, 10, 00, 00, 68, 83, 40, 40, 00, 6A, 67, FF, 35, 14, 44, 40, 00, E8, 3D, 10, 00, 00, 68, E7, 40, 40, 00, 6A, 6D, FF, 35...
 

Packer / compiler: TASM / MASM
Code size: 4.5 KB (4,608 bytes)
