home

FixAuto.exe

FixAuto

FixAuto Code Signing CA

The executable FixAuto.exe, “Sua loi do virus gay ra” has been detected as malware by 21 anti-virus scanners.
Publisher:
TDT  (signed by FixAuto Code Signing CA)

Product:
FixAuto

Description:
Sua loi do virus gay ra

Version:
1.01.0006

MD5:
7198869224725a95e7d6a43eaf252f51

SHA-1:
2548e3e07e79a656770d44ba7414b2fdb4fdb4b7

Scanner detections:
21 / 68

Status:
Malware

Analysis date:
4/19/2024 9:08:33 PM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Worm.Agent
7.1.1

Avira AntiVirus
TR/Agent.676832
8.3.2.4

avast!
Win32:Malware-gen
2014.9-160106

AVG
Unnamed.Threat
2017.0.2873

Baidu Antivirus
Trojan.Win32.Generic
4.0.3.1616

Bkav FE
W32.BodokhetLTAU.Trojan
1.3.0.7400

Clam AntiVirus
Win.Trojan.Agent-708540
0.98/21511

Dr.Web
Trojan.Siggen3.36851
9.0.1.06

G Data
Win32.Trojan.Agent.RA6SUZ
16.1.25

IKARUS anti.virus
Trojan.VB
t3scan.1.9.5.0

McAfee
Generic.dx!zao
5600.6529

NANO AntiVirus
Trojan.Win32.Agent2.nriax
1.0.14.5380

Panda Antivirus
Generic Malware
16.01.06.11

Rising Antivirus
PE:Malware.Generic/QRS!1.9E2D [F]
23.00.65.16104

Sophos
Istbar (PUA)
4.98

Trend Micro House Call
TROJ_SPNR.29BB13
7.2.6

Trend Micro
TROJ_SPNR.29BB13
10.465.06

Vba32 AntiVirus
Worm.VB.Paf.gen
3.12.26.4

VIPRE Antivirus
Trojan.Win32.Generic
46230

ViRobot
Trojan.Win32.Z.Agent.676832[h]
2014.3.20.0

Zillya! Antivirus
Trojan.Agent.Win32.253042
2.0.0.2591

File size:
661 KB (676,832 bytes)

Product version:
1.01.0006

Copyright:
Trinh Duc Thang

Trademarks:
FixAuto

Original file name:
FixAuto.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\fixauto\fixauto.exe

Digital Signature
Signed by:
FixAuto Code Signing CA

Authority:
Trinh Duc Thang

Valid from:
8/30/2008 1:48:43 PM

Valid to:
1/1/2040 6:59:59 AM

Subject:
CN=FixAuto Code Signing CA

Issuer:
CN=Trinh Duc Thang

Serial number:
56891D7FC7BE6EBE46474E248F1950D4

File PE Metadata
Compilation timestamp:
4/12/2009 8:35:00 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:c2jrpSYpg9gZEpt9daOK7qcbdVhHe/N6cG0nhvnBArX2N1g+Ch4DXR0RCoO5s:cGIbMEptWOK7qCHWQIgj45s

Entry address:
0x46FC

Entry point:
68, B4, 49, 40, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 50, 00, 00, 00, 38, 00, 00, 00, 33, 64, 1A, A8, 83, 17, 56, 4F, 81, 0D, B8, BF, 52, C8, 7E, C7, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 2D, 43, 30, 30, 30, 2D, 46, 69, 78, 41, 75, 74, 6F, 00, 53, 75, 61, 20, 6C, 6F, 69, 20, 64, 6F, 20, 76, 69, 72, 75, 73, 20, 67, 61, 79, 20, 72, 61, 00, 00, 00, 00, 00, 01, 00, 0D, 00, 04, B1, 40, 00, 00, 00, 00, 00, FF, FF, FF, FF, FF, FF, FF, FF, 00, 00, 00, 00, C8, B3, 40, 00, 10, B2, 49, 00...
 
[+]

Entropy:
5.5714

Developed / compiled with:
Microsoft Visual Basic v5.0/v6.0

Code size:
616 KB (630,784 bytes)

Remove FixAuto.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.