fotos.exe

The executable fotos.exe has been detected as malware by 25 anti-virus scanners.

MD5: e9cbca3f4219282d3ebfea5ed74f9701
SHA-1: 2ce00a846533de89a3ae0b0a9d717b0fa08e7206
SHA-256: a8affc240fe88305208a013a6b31fbf305bcd2ca17361574f43ed45bf07c7068
Scanner detections: 25 / 68
Status: Malware
Analysis date: 4/23/2024 6:43:37 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Strictor.41962 | 6339179 |
| AhnLab V3 Security | Trojan/Win32.Delf | 2015.03.27 |
| Avira AntiVirus | TR/Strictor.759 | 7.11.211.46 |
| avast! | Win32:Vitro | 150319-1 |
| Baidu Antivirus | Trojan.Win32.Delf | 4.0.3.15327 |
| Bitdefender | Gen:Variant.Strictor.41962 | 1.0.20.430 |
| Clam AntiVirus | Win.Trojan.Delf-19562 | 0.98/20247 |
| Dr.Web | Trojan.Siggen3.61196 | 9.0.1.0168 |
| Emsisoft Anti-Malware | Gen:Variant.Strictor.41962 | 9.0.0.4799 |
| ESET NOD32 | Win32/PSW.Delf.ODE trojan | 7.0.302.0 |
| F-Secure | Gen:Variant.Strictor.41962 | 5.13.68 |
| G Data | Gen:Variant.Strictor.41962 | 15.3.25 |
| IKARUS anti.virus | Trojan-Spy.Win32.Bancos | t3scan.1.8.9.0 |
| K7 AntiVirus | Trojan | 13.202.15399 |
| Kaspersky | Trojan.Win32.Delf | 15.0.0.543 |
| Malwarebytes | Trojan.Banker | v2015.03.27.07 |
| McAfee | Trojan.GenericR-APV!E9CBCA3F4219 | 16.8.708.2 |
| MicroWorld eScan | Gen:Variant.Strictor.41962 | 16.0.0.258 |
| NANO AntiVirus | Trojan.Win32.Delf.cqzklg | 0.30.8.659 |
| Norman | Gen:Variant.Strictor.41962 | 03.12.2014 13:20:04 |
| Panda Antivirus | Generic Malware | 15.03.27.07 |
| Reason Heuristics | Threat.Win.Reputation.IMP | 15.6.17.1 |
| Sophos | Troj/Bancos-BQY | 4.98 |
| Vba32 AntiVirus | Trojan.Delf | 3.12.26.3 |
| VIPRE Antivirus | Trojan.Win32.Generic | 37686 |

File size: 1.6 MB (1,706,496 bytes)
File type: Executable application (Win32 EXE)

File PE Metadata

Compilation timestamp: 1/15/2012 6:27:26 PM
OS version: 5.0
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 2.25
CTPH (ssdeep): 24576:flvC2ujSrHQHPLwPw5NYZV0B9SolPXLGOFMQRjTOcqTEpkq57kkA7q:/7EPSAGcSLq9k
Entry address: 0x14D474
Entry point: 55, 8B, EC, 83, C4, F0, B8, 94, 4C, 54, 00, E8, EC, D7, EB, FF, A1, F4, 39, 55, 00, 8B, 00, E8, 00, F2, F7, FF, A1, F4, 39, 55, 00, 8B, 00, C6, 40, 5B, 00, A1, F4, 39, 55, 00, 8B, 00, B2, 01, E8, DB, 0E, F8, FF, A1, F4, 39, 55, 00, 8B, 00, BA, F0, D4, 54, 00, E8, 0E, EC, F7, FF, 8B, 0D, EC, 3B, 55, 00, A1, F4, 39, 55, 00, 8B, 00, 8B, 15, 7C, 2D, 54, 00, E8, D6, F1, F7, FF, A1, F4, 39, 55, 00, 8B, 00, E8, 1A, F3, F7, FF, E8, CD, 94, EB, FF, 00, B0, 04, 02, 00, FF, FF, FF, FF, 14, 00, 00, 00, A0, 00, A0, 00...

Developed / compiled with: Microsoft Visual C++
Code size: 1.3 MB (1,359,872 bytes)
