home

eb0a.exe

Badly

Spite orbit - www.Badly.com

The executable eb0a.exe, “Mouse pleasure salmon weigh collect failed” has been detected as malware by 5 anti-virus scanners.
Publisher:
Spite orbit - www.Badly.com

Product:
Badly

Description:
Mouse pleasure salmon weigh collect failed

Version:
1.0.0.1

MD5:
b77cd2238a6b7b4a5aead67fec1b485e

SHA-1:
e769e15a2f412e2da8b36fa02044355a25cf2b07

SHA-256:
c76d7cae6a99acd199788ce054af4398bdbc911c38036ce824174c14b3e1b01c

Scanner detections:
5 / 68

Status:
Malware

Analysis date:
4/18/2024 12:48:44 PM UTC  (today)

Scan engine
Detection
Engine version

AhnLab V3 Security
Trojan/Win32.MDA
2014.12.19

AVG
Win32/Cryptor
2015.0.3256

ESET NOD32
Win32/Kryptik.CTJW trojan
7.0.302.0

Malwarebytes
Trojan.Agent.DED
v2014.12.18.11

Sophos
Virus 'Troj/Wonton-MK'
5.09

File size:
289 KB (295,936 bytes)

Product version:
7.0

Copyright:
Copyright (C) Badly 2008-2013

File type:
Executable application (Win32 EXE)

Language:
Arabic (Saudi Arabia)

Common path:
C:\users\{user}\appdata\roaming\eb0a.exe

File PE Metadata
Compilation timestamp:
12/19/2014 4:05:40 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:gXgpIoAxqsUv5w92PQ7lBc2Jl3k/VLvQz8Zu:gQpaxUw9Q2vUawZu

Entry address:
0x43C3

Entry point:
E8, 8D, 44, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 8B, 45, 08, 56, 33, F6, 3B, C6, 75, 1D, E8, 4E, 02, 00, 00, 56, 56, 56, 56, 56, C7, 00, 16, 00, 00, 00, E8, D6, 01, 00, 00, 83, C4, 14, 6A, 16, 58, EB, 0A, 8B, 0D, FC, 60, 41, 00, 89, 08, 33, C0, 5E, 5D, C3, 8B, FF, 55, 8B, EC, 8B, 45, 08, 56, 33, F6, 3B, C6, 75, 1D, E8, 15, 02, 00, 00, 56, 56, 56, 56, 56, C7, 00, 16, 00, 00, 00, E8, 9D, 01, 00, 00, 83, C4, 14, 6A, 16, 58, EB, 0A, 8B, 0D, 00, 61, 41, 00, 89, 08, 33, C0, 5E, 5D, C3, 8B, FF, 55, 8B...
 
[+]

Code size:
65.5 KB (67,072 bytes)

Remove eb0a.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.