» final fantasy record keeper hack.exe
Overview
Analysis
File Details

final fantasy record keeper hack.exe

The executable final fantasy record keeper hack.exe has been detected as malware by 24 anti-virus scanners.

File name:

Description:

PhoneApp

Version:

2.0.4.2

MD5:

52e2871fbde6c27203960be723926de3

SHA-1:

16a3d6523528968b6d477786c0830666d4abb957

SHA-256:

87c99ab6dca50505e65025e3abdc960f4a5827ef41b5397c89473df8afd019ab

Scanner detections:

24 / 68

Status:

Malware

Analysis date:

4/26/2024 4:42:06 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Kazy.735679

435

Agnitum Outpost

Trojan.FakeTool

7.1.1

Avira AntiVirus

TR/FakeTool.4843520

8.3.2.2

Arcabit

Trojan.Kazy.DB39BF

1.0.0.585

avast!

Win32:Malware-gen

2014.9-151127

AVG

MSIL8

2016.0.2913

Baidu Antivirus

Trojan.MSIL.BadJoke

4.0.3.151127

Bitdefender

Gen:Variant.Kazy.735679

1.0.20.1655

Emsisoft Anti-Malware

Gen:Variant.Kazy.735679

8.15.11.27.04

ESET NOD32

MSIL/FakeTool.AHV (variant)

9.12491

Fortinet FortiGate

MSIL/FakeTool.AHV!tr

11/27/2015

F-Prot

W32/MSIL_Troj.GE.gen

v6.4.7.1.166

F-Secure

Gen:Variant.Kazy.735679

11.2015-27-11_6

G Data

Gen:Variant.Kazy.735679

15.11.25

IKARUS anti.virus

Trojan.MSIL.FakeTool

t3scan.1.9.5.0

K7 AntiVirus

Hacktool

13.212.17705

Kaspersky

Hoax.MSIL.FakeHack

14.0.0.1059

McAfee

Artemis!52E2871FBDE6

5600.6569

MicroWorld eScan

Gen:Variant.Kazy.735679

16.0.0.993

Panda Antivirus

Generic Suspicious

15.11.27.04

Rising Antivirus

PE:Malware.Generic/QRS!1.9E2D [F]

23.00.65.151125

Sophos

Generic PUA BG (PUA)

4.98

Trend Micro

TROJ_GEN.R03AC0OI215

10.465.27

VIPRE Antivirus

Trojan.Win32.Generic

44908

File size:

4.6 MB (4,843,520 bytes)

Product version:

2.0.4.2

Original file name:

PhoneApp.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

File PE Metadata

Compilation timestamp:

4/10/2015 12:56:28 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

98304:QC6EywROoWkt8xNnek0R0Df97tsg++hZra9SCkHt3XbkHOor6UC6:oEywRPWDxMFGb97NvN7NXbkHPrR

Entry address:

0x44519E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, BC, 00, 28, 55, 00, 00, 00, 00, 02, 00, 00, 00, 1C, 01, 00, 00, 1C, 60, 44, 00, 1C, 36, 44, 00, 52, 53... 
[+]

Entropy:

7.6026

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

4.3 MB (4,469,248 bytes)

Remove final fantasy record keeper hack.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.