home

ekawflaf.exe

Project1

fgjfghjjhgf

The executable ekawflaf.exe has been detected as malware by 31 anti-virus scanners.
Publisher:
fgjfghjjhgf

Product:
Project1

Version:
1.06

MD5:
69d724c1b3486a09945316469f44fdd4

SHA-1:
fce5c6f3e8197380248fe1db53f170cfcc532809

SHA-256:
a0084c24f2ced4d917654aadb19614e0b3eb4e8c73fa7171157c0466c12340a5

Scanner detections:
31 / 68

Status:
Malware

Analysis date:
4/26/2024 6:22:20 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Symmi.17374
583

AhnLab V3 Security
Trojan/Win32.Refroso
2015.07.02

Avira AntiVirus
TR/Dropper.Gen
8.3.1.6

Arcabit
Trojan.Symmi.D43DE
1.0.0.425

avast!
Win32:Malware-gen
2014.9-150701

AVG
Generic_vb
2016.0.3061

Baidu Antivirus
Backdoor.Win32.Xtreme
4.0.3.1571

Bitdefender
Gen:Variant.Symmi.17374
1.0.20.910

Comodo Security
TrojWare.Win32.Injector.ADSA
22638

Dr.Web
BackDoor.XtremeRat.84
9.0.1.0182

Emsisoft Anti-Malware
Gen:Variant.Symmi.17374
8.15.07.01.09

ESET NOD32
Win32/Injector.ADSA (variant)
9.11874

Fortinet FortiGate
W32/Injector.BZKN!tr
7/1/2015

F-Secure
Gen:Variant.Symmi.17374
11.2015-01-07_4

G Data
Gen:Variant.Symmi.17374
15.7.25

IKARUS anti.virus
Virus.Win32.VBInject
t3scan.1.9.5.0

K7 AntiVirus
Trojan
13.205.16429

Kaspersky
Backdoor.Win32.Xtreme
14.0.0.1800

Malwarebytes
Trojan.VBinject
v2015.07.01.09

McAfee
Artemis!69D724C1B348
5600.6717

Microsoft Security Essentials
Backdoor:Win32/Xtrat.A
1.1.11804.0

MicroWorld eScan
Gen:Variant.Symmi.17374
16.0.0.546

NANO AntiVirus
Trojan.Win32.Xtreme.ctsakx
0.30.24.2320

Panda Antivirus
Generic Malware
15.07.01.09

Qihoo 360 Security
Win32/Trojan.c50
1.0.0.1015

Quick Heal
Backdoor.Xtrat.r3
7.15.14.00

Sophos
Mal/Generic-S
4.98

Trend Micro
TROJ_GEN.R06AE01G115
10.465.01

Vba32 AntiVirus
Backdoor.Xtreme
3.12.26.4

VIPRE Antivirus
Trojan.Win32.Generic
41624

Zillya! Antivirus
Backdoor.Xtreme.Win32.11355
2.0.0.2262

File size:
176 KB (180,224 bytes)

Product version:
1.06

Original file name:
alstree.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

File PE Metadata
Compilation timestamp:
12/26/2013 11:33:07 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:UVbA8yF9qso3jiWhIyDtlxqW3yd+Qphr:UTydB

Entry address:
0x1094

Entry point:
68, 84, 1A, 40, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, E7, 6C, F6, 2F, DD, 4E, 21, 43, AB, CC, C1, 6A, 3D, 2E, C9, AC, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 50, 72, 6F, 6A, 65, 63, 74, 31, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, FF, CC, 31, 00, 1D, C2, 7E, A6, 75, 63, BC, 2C, 41, 9F, 26, CD, D9, 92, A8, 61, 49, 78, FC, 1F, 54, 4E, BF, 4A, 46, B6, 1B, DA, 10, 21, A7, 74, 53, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...
 
[+]

Entropy:
3.8592

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
168 KB (172,032 bytes)

Remove ekawflaf.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.