» e11c9107310f345548a1f312bc108cff.exe
Overview
Analysis
File Details
Behaviors (1)

e11c9107310f345548a1f312bc108cff.exe

USB Audio

The executable e11c9107310f345548a1f312bc108cff.exe has been detected as malware by 29 anti-virus scanners.

File name:

Product:

USB Audio

Version:

1.0.0.0

MD5:

40d68c33562e89dd17bc35ff773ec444

SHA-1:

37d014e92ae3a0f783d650a509ca95c1d93f2644

SHA-256:

c6fccee27cc37053b543fc9d6c3a9e7b85cbe9046479beabe75a29eb991d7c9c

Scanner detections:

29 / 68

Status:

Malware

Analysis date:

10/14/2025 3:39:05 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.GenericKD.2579582

540

Agnitum Outpost

Trojan.DR.FrauDrop

7.1.1

Avira AntiVirus

TR/Dldr.Waski.132096.2

8.3.1.6

Arcabit

Trojan.Generic.D275C7E

1.0.0.425

AVG

Pakes2_c

2016.0.3018

Baidu Antivirus

Trojan.Win32.Dropper

4.0.3.15813

Bitdefender

Trojan.GenericKD.2579582

1.0.20.1125

Comodo Security

UnclassifiedMalware

22868

Dr.Web

Trojan.DownLoader15.9532

9.0.1.0225

Emsisoft Anti-Malware

Trojan.GenericKD.2579582

8.15.08.13.05

ESET NOD32

Generik.KHWRRJR (variant)

9.11998

Fortinet FortiGate

W32/FrauDrop.AJTHF!tr

8/13/2015

F-Secure

Trojan.GenericKD.2579582

11.2015-13-08_5

G Data

Trojan.GenericKD.2579582

15.8.25

IKARUS anti.virus

Trojan.SuspectCRC

t3scan.1.9.5.0

K7 AntiVirus

Trojan

13.207.16684

Kaspersky

Trojan-Dropper.Win32.FrauDrop

14.0.0.1586

Malwarebytes

Trojan.Agent

v2015.08.13.05

McAfee

RDN/Generic Dropper

5600.6674

Microsoft Security Essentials

Backdoor:MSIL/Bladabindi

1.1.11903.0

MicroWorld eScan

Trojan.GenericKD.2579582

16.0.0.675

NANO AntiVirus

Trojan.Win32.FrauDrop.duetyu

0.30.24.2668

nProtect

Trojan.GenericKD.2579582

15.07.23.01

Panda Antivirus

Generic Suspicious

15.08.13.05

Qihoo 360 Security

HEUR/QVM03.0.Malware.Gen

1.0.0.1015

Sophos

Mal/Generic-S

4.98

Trend Micro

TROJ_GEN.R00JC0DGO15

10.465.13

Vba32 AntiVirus

TScope.Trojan.MSIL

3.12.26.4

VIPRE Antivirus

Trojan.Win32.Generic

42344

File size:

129 KB (132,096 bytes)

Product version:

1.0.0.0

Original file name:

USB Audio.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\appdata\roaming\microsoft\windows\start menu\programs\startup\e11c9107310f345548a1f312bc108cff.exe

File PE Metadata

Compilation timestamp:

7/16/2015 8:34:16 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

3072:bTcUNa9L+tufRgHqO7H6n7ILhIFBgXRks5Nk:bAUNa9LpO7c7INWgkwN

Entry address:

0x2156E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

7.2290

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

125.5 KB (128,512 bytes)

User Start Menu Item

Name:

e11c9107310f345548a1f312bc108cff.exe

Remove e11c9107310f345548a1f312bc108cff.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.