exe.exe

The executable exe.exe has been detected as malware by 24 anti-virus scanners.
MD5:
b2f19dffac570ffd7079f165ccb4ae43

SHA-1:
3685269229ed54f11c3ef2d213acc9468f389d5d

SHA-256:
1c872e5997be9ac786266a55bfc54f511a12e57c2a38db49207273a3feab5466

Scanner detections:
24 / 68

Status:
Malware

Analysis date:
4/24/2024 10:48:46 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Trojan.GenericKDZ.25503 | 889 |
| AhnLab V3 Security | Dropper/Win32.Necurs | 2014.08.30 |
| Avira AntiVirus | BDS/Kelihos.dedxcr | 7.11.169.248 |
| avast! | Win32:Injector-BWP [Trj] | 140813-1 |
| AVG | Trojan horse Inject2.AOGC | 2014.0.4015 |
| Bitdefender | Trojan.GenericKDZ.25503 | 1.0.20.1205 |
| Dr.Web | BackDoor.Slym.14322 | 9.0.1.05190 |
| Emsisoft Anti-Malware | Trojan.GenericKDZ.25503 | 9.0.0.4324 |
| ESET NOD32 | Win32/Injector.BIDY trojan | 7.0.302.0 |
| Fortinet FortiGate | W32/Injector.BHSP!tr | 8/29/2014 |
| F-Secure | Trojan.GenericKDZ.25503 | 11.2014-29-08_6 |
| G Data | Trojan.GenericKDZ.25503 | 14.8.24 |
| IKARUS anti.virus | Backdoor.Win32.Hlux | t3scan.1.7.5.0 |
| Kaspersky | HEUR:Trojan.Win32.Generic | 14.0.0.3331 |
| MicroWorld eScan | Trojan.GenericKDZ.25503 | 15.0.0.723 |
| NANO AntiVirus | Trojan.Win32.Hlux.dcieai | 0.28.2.61861 |
| Norman | Injector.HEBN | 11.20140829 |
| nProtect | Trojan.GenericKDZ.25503 | 14.08.29.01 |
| Panda Antivirus | Trj/Genetic.gen | 14.08.29.05 |
| Total Defense | Win32/CInject.EGOCCUD | 37.0.11150 |
| Trend Micro House Call | PAK_Generic.006 | 7.2.241 |
| Trend Micro | PAK_Generic.006 | 10.465.29 |
| Vba32 AntiVirus | TrojanSpy.Zbot | 3.12.26.3 |
| VIPRE Antivirus | Threat.5063681 | 32210 |

File size:
50 KB (51,194 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\exe.exe

File PE Metadata
Compilation timestamp:
6/20/2014 12:31:45 PM

OS version:
18.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.255

CTPH (ssdeep):
384:nJOSPU4nXmkJLXWSLjBuF5IokLu8Q5a8A1U6iyR:8SV1ufDwlQD6U6n

Entry address:
0x38CE

Entry point:
8D, 45, A4, 50, FF, 15, 24, 40, 40, 00, F6, 45, D0, 01, 74, 11, 0F, B7, 45, D4, EB, 0E, 80, 3E, 20, 76, D8, 46, 89, 75, 8C, 90, F5, 6A, 0A, 58, 50, 56, 53, 53, FF, 15, 20, 40, 40, 00, 50, E8, 6E, 00, 00, 00, 89, 45, 98, 50, 90, 15, B0, 44, 40, 00, 8B, 45, EC, 8B, 08, 8B, 09, 89, 4D, 88, 50, 51, E8, 15, 00, 00, 00, 59, 59, C3, 8B, 65, E8, FF, 75, 88, FF, 15, B8, 44, 40, 00, FF, 25, C0, 44, 40, 00, FF, 25, B4, 44, 40, 00, FF, 25, A4, 44, 40, 00, 68, 00, 00, 03, 00, 68, 00, 00, 01, 00, E8, 0D, 00, 00, 00, 59...
 

Entropy:
3.8097

Code size:
12 KB (12,288 bytes)
