home

e7bc0d5879d0c515c22620a29f8445ab

The file e7bc0d5879d0c515c22620a29f8445ab has been detected as malware by 20 anti-virus scanners.
Version:
0.0.0.0

MD5:
e7bc0d5879d0c515c22620a29f8445ab

SHA-1:
96d162e9fd4fd9bb29a09ddee243f6d17eb467d5

SHA-256:
63bfc2f20d98c707729f036fbaffd4674c5d1ee002384c1ec1da97dff5e87cbf

Scanner detections:
20 / 68

Status:
Malware

Analysis date:
4/26/2024 8:06:18 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Trojan.GenericKD.1981018
804

Avira AntiVirus
TR/Krypt.1095168
7.11.187.70

avast!
MSIL:GenMalicious-FD [Trj]
2014.9-141123

AVG
MSIL5
2015.0.3282

Baidu Antivirus
Trojan.Win32.FrauDrop
4.0.3.141123

Bitdefender
Trojan.GenericKD.1981018
1.0.20.1635

Dr.Web
BackDoor.Bladabindi.1311
9.0.1.0327

Emsisoft Anti-Malware
Trojan.GenericKD.1981018
8.14.11.23.09

ESET NOD32
MSIL/Kryptik.JB (variant)
8.10748

F-Secure
Trojan.GenericKD.1981018
11.2014-23-11_1

G Data
Trojan.GenericKD.1981018
14.11.24

IKARUS anti.virus
Trojan.MSIL.Crypt
t3scan.1.8.3.0

K7 AntiVirus
Trojan
13.185.14071

Kaspersky
Trojan-Dropper.Win32.FrauDrop
14.0.0.2903

McAfee
Artemis!E7BC0D5879D0
5600.6938

MicroWorld eScan
Trojan.GenericKD.1981018
15.0.0.981

Panda Antivirus
Trj/Chgt.L
14.11.23.09

Qihoo 360 Security
Malware.QVM03.Gen
1.0.0.1015

Trend Micro House Call
Suspicious_GEN.F47V1117
7.2.327

VIPRE Antivirus
Trojan.Win32.Generic
34928

File size:
1 MB (1,095,168 bytes)

Product version:
0.0.0.0

Original file name:
bonaventure6.exe

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\91\e7bc0d5879d0c515c22620a29f8445ab

File PE Metadata
Compilation timestamp:
11/17/2014 11:49:26 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
12288:bDSMxL8U59gGkCYXDkW1e6Nq5/eqEnfoZ4Nr9MvUFYdqOw2no93K6dmmgsrYXtfo:6MG+W9mU4o46zYX1AWPDGYbay

Entry address:
0x10CA9A

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
5.7793

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
1 MB (1,092,608 bytes)

Remove e7bc0d5879d0c515c22620a29f8445ab - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.