home

f_00051a

The file f_00051a has been detected as malware by 21 anti-virus scanners.
Version:
0.0.0.0

MD5:
bcbc83385f0f8b497848d2c383ed5177

SHA-1:
fc54ecb23282d14537f4c828dcca1b37ebd3036d

SHA-256:
360c8d22236467c74cf84dcb2491d02137a4ec38f4f435d029194bfa0b1958a0

Scanner detections:
21 / 68

Status:
Malware

Analysis date:
4/19/2024 11:10:11 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Barys.17702
868

Avira AntiVirus
TR/ATRAPS.Gen
7.11.30.172

avast!
Win.Threat.Undefined
140908-2

AVG
Trojan horse Dropper.Msil.CN
2014.0.4015

Bitdefender
Gen:Variant.Barys.17702
1.0.20.1315

Comodo Security
TrojWare.MSIL.Binder.BCA
19563

Dr.Web
Win32.HLLW.Autoruner.25074
9.0.1.05190

Emsisoft Anti-Malware
Gen:Variant.Barys.17702
14.09.17

ESET NOD32
MSIL/TrojanDropper.Binder.CZ trojan
7.0.302.0

Fortinet FortiGate
MSIL/Dropper_Binder.BS!tr
9/20/2014

F-Secure
Gen:Variant.Barys.17702
11.2014-20-09_7

G Data
Gen:Variant.Barys.17702
14.9.24

IKARUS anti.virus
Trojan-Dropper.MSIL
t3scan.1.7.8.0

Kaspersky
Trojan.MSIL.Zapchast
15.0.0.494

Malwarebytes
Backdoor.Bot.MSIL
v2014.09.20.05

McAfee
BackDoor-FBHS!BCBC83385F0F
5600.7002

MicroWorld eScan
Gen:Variant.Barys.17702
15.0.0.789

NANO AntiVirus
Trojan.Win32.Agent.cwbgfg
0.28.2.62151

Rising Antivirus
PE:Trojan.MSIL.Runp!1.9DFA
23.00.65.14918

Sophos
Troj/dnsauce-B
4.98

Total Defense
Win32/DotNetBinder.A!generic
37.0.11189

File size:
212 KB (217,088 bytes)

Product version:
0.0.0.0

Original file name:
sexy-hot-girl.Scr

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\google\chrome\user data\default\cache\f_00051a

File PE Metadata
Compilation timestamp:
9/15/2014 10:20:39 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:PrbplBr9Kp7tbnhiihPnf3vbd7jOin1aRlyNUZkZoOMOG:PplBZKp7tbnhiihPnf3vbdHB8MUayQ

Entry address:
0x3005E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
188 KB (192,512 bytes)

Remove f_00051a - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.