home

{e5e345b0-2fd0-1cb1-b5af-a60dce7edfa0}-virussign.com_377464637fd31d3da36e29a8af5950b0.exe

The executable {e5e345b0-2fd0-1cb1-b5af-a60dce7edfa0}-virussign.com_377464637fd31d3da36e29a8af5950b0.exe has been detected as malware by 16 anti-virus scanners.
MD5:
11eab6feaa241180d3753796f0be1668

SHA-1:
516c00b2bf2d011d8e5dc58877ff1ec07415568c

SHA-256:
b4af50503299d0bc1e174af831a4cb65e5849b888deb8bec986de40cac033a78

Scanner detections:
16 / 68

Status:
Malware

Analysis date:
4/17/2024 11:32:01 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Symmi.48427
5800760

Avira AntiVirus
TR/Dropper.VB.24012
8.3.2.2

Arcabit
Trojan.Symmi.DBD2B
1.0.0.425

AVG
Generic_vb
2016.0.3001

Bitdefender
Gen:Variant.Symmi.48427
1.0.20.1210

Dr.Web
Trojan.Siggen6.23087
9.0.1.05190

Emsisoft Anti-Malware
Gen:Variant.Symmi.48427
10.0.0.5366

F-Secure
Gen:Variant.Symmi.48427
5.14.151

G Data
Gen:Variant.Symmi.48427
15.8.25

IKARUS anti.virus
Trojan.Win32.Boaxxe
t3scan.1.9.5.0

McAfee
Trojan.Generic-FAWG!377464637FD3
18.0.204.0

MicroWorld eScan
Gen:Variant.Symmi.48427
16.0.0.726

NANO AntiVirus
Trojan.Win32.Siggen6.dvbdhd
0.30.24.3283

Norman
Gen:Variant.Symmi.48427
04.08.2015 10:30:46

Quick Heal
VirTool.VBInject.LE3
8.15.14.00

Total Defense
Win32/Tnega.fHcQFB
37.1.62.1

File size:
184.3 KB (188,744 bytes)

File type:
Executable application (Win64 EXE)

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
3072:9C/c9X9OXi8IVNB6JBrmHCYHV4BhNQTkB/Cot5T:9C/c9X9hVNgrrmHCmV9TWH

Entry point:
B2, A5, 6F, FF, FC, FF, FF, FF, FB, FF, FF, FF, 00, 00, FF, FF, 47, FF, FF, FF, FF, FF, FF, FF, BF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, 37, FF, FF, FF, F1, E0, 45, F1, FF, 4B, F6, 32, DE, 47, FE, B3, 32, DE, AB, 97, 96, 8C, DF, 8F, 8D, 90, 98, 8D, 9E, 92, DF, 9C, 9E, 91, 91, 90, 8B, DF, 9D, 9A, DF, 8D, 8A, 91, DF, 96, 91, DF, BB, B0, AC, DF, 92, 90, 9B, 9A, D1, F2, F2, F5, DB, FF, FF, FF, FF, FF, FF, FF...
 
[+]

Entropy:
5.9675

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.