» e6b7oah3rudl.exe
Overview
Analysis
File Details

e6b7oah3rudl.exe

Ezereche

The executable e6b7oah3rudl.exe has been detected as malware by 17 anti-virus scanners.

File name:

e6b7oah3rudl.exe

Product:

Ezereche

Version:

1.0.0.0

MD5:

198df1402c20867cd4103c4e38683859

SHA-1:

8d8390d0b3c2a771281be7549dc116236ab881be

SHA-256:

ca84712afad27019a1c48106f613086dd26c02f7bac03ded41487c9dc3fff35d

Scanner detections:

17 / 68

Status:

Malware

Analysis date:

1/2/2026 12:18:11 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.Generic.12788171

723

Avira AntiVirus

TR/Dropper.MSIL.65081

7.11.209.36

avast!

Win32:Malware-gen

2014.9-150211

AVG

MSIL6

2016.0.3201

Baidu Antivirus

Backdoor.MSIL.NanoBot

4.0.3.15211

Bitdefender

Trojan.Generic.12788171

1.0.20.210

Dr.Web

Trojan.Packed.29758

9.0.1.042

Emsisoft Anti-Malware

Trojan.Generic.12788171

8.15.02.11.04

ESET NOD32

MSIL/Injector.HTK (variant)

9.11150

G Data

Trojan.Generic.12788171

15.2.25

IKARUS anti.virus

Trojan.MSIL.Injector

t3scan.1.8.6.0

Kaspersky

Backdoor.MSIL.NanoBot

14.0.0.2502

Malwarebytes

Trojan.MSIL

v2015.02.11.04

McAfee

Artemis!198DF1402C20

5600.6857

MicroWorld eScan

Trojan.Generic.12788171

16.0.0.126

Panda Antivirus

Generic Suspicious

15.02.11.04

Qihoo 360 Security

Win32/Trojan.Dropper.6ed

1.0.0.1015

File size:

366 KB (374,784 bytes)

Product version:

1.0.0.0

Original file name:

Ezereche.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\appdata\roaming\msupdate\e6b7oah3rudl.exe

File PE Metadata

Compilation timestamp:

2/6/2015 1:47:42 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

6144:XDNrFqhbJTmshn/8vzWnxdJ3ePWTs5kvDrXqZvPLzc0dYEWfXzUrDcjTAWI:XDyBhms5/8vzgxD3eUakrraVfDYEWLUj

Entry address:

0x5CDCE

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 02, 00, 10, 00, 00, 00, 20, 00, 00, 80, 18, 00, 00, 00, 50, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 01, 00, 00, 00, 38, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 80, 00... 
[+]

Entropy:

7.9657

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

363.5 KB (372,224 bytes)

Remove e6b7oah3rudl.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.