home

fbzpack.exe

The application fbzpack.exe has been detected as a potentially unwanted program by 16 anti-malware scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from www.freebyte.net and multiple other hosts.
MD5:
86163d68beb2ed65df5c6ee7f8522619

SHA-1:
696d153c0f19e67bd30e70f4ad16ec3b265f92e6

SHA-256:
bed91b5af2a42834202ac12d55404db9397c09748a548452c14138655bcf7e67

Scanner detections:
16 / 68

Status:
Potentially unwanted

Analysis date:
4/23/2024 10:00:04 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
MemScan:Application.Winfixer.LOF
781

AVG
Luhe.Packed.C
2015.0.3259

Baidu Antivirus
Adware.Win32.ErrorRepairPro
4.0.3.141215

Bitdefender
MemScan:Application.Winfixer.LOF
1.0.20.1745

Bkav FE
W32.Clodd2e.Trojan
1.3.0.4959

F-Secure
MemScan:Application.Winfixer.LOF
11.2014-15-12_2

G Data
MemScan:Application.Winfixer.LOF
14.12.24

K7 AntiVirus
Adware
13.178.12212

Malwarebytes
Trojan.Dropper
v2014.12.15.11

MicroWorld eScan
MemScan:Application.Winfixer.LOF
15.0.0.1047

NANO AntiVirus
Trojan.Win32.ErrorRepairPro.bkylv
0.28.0.59921

Norman
Suspicious.C6!genr
11.20141215

Reason Heuristics
Threat.Win.Reputation.IMP
14.12.15.23

Trend Micro House Call
TROJ_GEN.F47V0331
7.2.349

Vba32 AntiVirus
Adware.ErrorRepairPro
3.12.26.0

VIPRE Antivirus
Trojan.Win32.Generic
29662

File size:
299.9 KB (307,051 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\fbzpack.exe

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
6144:sfrU4gyHdW6cVtYlwGSs7HkCOoecbCviEKI18lx4Fs/a:oAZyHdDHwGSs4oecbV41w4ii

Entry address:
0x73E0

Entry point:
55, 8B, EC, 83, C4, F0, 53, 56, 57, 33, C0, 89, 45, F0, E8, 05, B6, FF, FF, E8, 78, C1, FF, FF, E8, 73, EA, FF, FF, 33, C0, 55, 68, 38, 75, 40, 00, 64, FF, 30, 64, 89, 20, 6A, 00, 68, 80, 00, 00, 00, 6A, 03, 6A, 00, 6A, 01, 68, 00, 00, 00, 80, 8D, 55, F0, 33, C0, E8, 41, B1, FF, FF, 8B, 45, F0, E8, A1, B9, FF, FF, 50, E8, F7, C1, FF, FF, A3, B4, 97, 40, 00, 83, 3D, B4, 97, 40, 00, FF, 75, 26, 6A, 10, 68, 4C, 75, 40, 00, 8D, 55, F0, 33, C0, E8, 14, B1, FF, FF, 8B, 45, F0, E8, 74, B9, FF, FF, 50, 6A, 00, E8...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
25.5 KB (26,112 bytes)

The file fbzpack.exe has been seen being distributed by the following 2 URLs.

http://www.freebyte.net/.../fbzpack.exe

http://www.treepad.net/.../fbzpack.exe

Remove fbzpack.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.