factoriopk.exe

异星工厂资源增强版 (Factorio Resource Enhanced Edition)

Suwei0206

The executable factoriopk.exe has been detected as malware by 15 anti-virus scanners.
Remove factoriopk.exe - Powered by Reason Core Security
Publisher:
Suwei0206

Product:
异星工厂资源增强版 (Factorio Resource Enhanced Edition)

Version:
1.3.1.0

MD5:
152bc002a720c15874d847bbfd742e7f

SHA-1:
93b44b72d59f5dbae556f88362fcc284f0d6fb16

SHA-256:
b5b94dc9ac94f6801c5053990281715121e85d18b1cffbe38916480ceda8baa2

Scanner detections:
15 / 68

Status:
Malware

Analysis date:
12/10/2016 2:20:15 AM UTC  (today)

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Backdoor.Hupigon.140163 | 969 |
| Agnitum Outpost | Trojan.Pasta.Gen.1 | 7.1.1 |
| Bitdefender | Backdoor.Hupigon.140163 | 1.0.20.805 |
| Comodo Security | Worm.Win32.Dropper.RA | 18314 |
| Emsisoft Anti-Malware | Backdoor.Hupigon.140163 | 8.14.06.10.12 |
| ESET NOD32 | Win32/FlyStudio (variant) | 8.9838 |
| Fortinet FortiGate | Riskware/FlyStudio | 6/10/2014 |
| F-Secure | Trojan:W32/DelfInject.R | 11.2014-10-06_3 |
| G Data | Backdoor.Hupigon.140163 | 14.6.24 |
| McAfee Web Gateway | Heuristic.BehavesLike.Win32.Suspicious-BAY.K | 7.7103 |
| MicroWorld eScan | Backdoor.Hupigon.140163 | 15.0.0.483 |
| Norman | OnLineGames.LWBP | 11.20140610 |
| nProtect | Backdoor.Hupigon.140163 | 14.05.23.01 |
| Quick Heal | Win32.VirTool.DelfInject.gen!X.4.a | 6.14.14.00 |
| Rising Antivirus | PE:Backdoor.Hupigon!6.1762 | 23.00.65.14608 |

File size:
668 KB (684,032 bytes)

Product version:
1.3.1.0

Copyright:
Suwei0206 版权所有 (Suwei0206, all rights reserved)

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
3/27/2014 9:37:23 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:Zf2dz/Kg3Ozta22EwpZK852z5AeQFxeCBPqv:Zf2P8Y2wi858AeaxeCBPG

Entry address:
0x4F910

Entry point:
55, 8B, EC, 6A, FF, 68, 80, 81, 48, 00, 68, 04, 21, 45, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, 74, F1, 46, 00, 33, D2, 8A, D4, 89, 15, 8C, A4, 4C, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, 88, A4, 4C, 00, C1, E1, 08, 03, CA, 89, 0D, 84, A4, 4C, 00, C1, E8, 10, A3, 80, A4, 4C, 00, 6A, 01, E8, 32, 4B, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, C3, 00, 00, 00, 59, E8, DD, 48, 00, 00, 85, C0, 75, 08, 6A, 10, E8, B2, 00, 00, 00, 59, 33, F6, 89, 75...

Entropy:
6.4291

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
440 KB (450,560 bytes)
