home

elevate.exe.a6fe3e1eb56e7dca4b286834e8e829aa7bc299a6

MD5:
175cdd8ca2c89dcacef891b089eed20f

SHA-1:
a6fe3e1eb56e7dca4b286834e8e829aa7bc299a6

SHA-256:
fd560c670d454356bb2abf18492cc328e582430905a9c6df91be008ce6c95f31

Scanner detections:
3 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/20/2024 2:22:34 AM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
APPL/Downloader.Gen
7.11.188.94

NANO AntiVirus
Trojan.Win32.Diple.dgyfst
0.28.6.63474

Trend Micro House Call
Suspicious_GEN.F47V1103
7.2.356

File size:
145.8 KB (149,252 bytes)

Common path:
C:\users\{user}\appdata\roaming\syntevo\smartgit\updates\repo\elevate.exe.a6fe3e1eb56e7dca4b286834e8e829aa7bc299a6

File PE Metadata
Compilation timestamp:
5/21/1971 7:24:16 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
2.24

CTPH (ssdeep):
3072:zZuLItmgvfuqPcUnGew280wGAwN/K6786TEnCAIpi9MxipEl7BuHBTpOdNPIGAZt:lBrntUUnP80wGAwN/K6786TEnCAIpi9l

Entry address:
0x1280

Entry point:
83, EC, 1C, C7, 04, 24, 01, 00, 00, 00, FF, 15, A8, C1, 41, 00, E8, 6B, FD, FF, FF, 8D, 74, 26, 00, 8D, BC, 27, 00, 00, 00, 00, 83, EC, 1C, C7, 04, 24, 02, 00, 00, 00, FF, 15, A8, C1, 41, 00, E8, 4B, FD, FF, FF, 8D, 74, 26, 00, 8D, BC, 27, 00, 00, 00, 00, A1, C0, C1, 41, 00, FF, E0, 89, F6, 8D, BC, 27, 00, 00, 00, 00, A1, B4, C1, 41, 00, FF, E0, 90, 90, 90, 90, 90, 90, 90, 90, 90, 55, 89, E5, 83, EC, 18, C7, 04, 24, 00, 50, 41, 00, E8, E6, CA, 00, 00, BA, A0, D6, 40, 00, 83, EC, 04, 85, C0, 74, 15, C7, 44...
 
[+]

Entropy:
5.2297

Code size:
58.5 KB (59,904 bytes)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.