» galaxylogger - deobfuscated.exe
Overview
Analysis
File Details

galaxylogger - deobfuscated.exe

GalaxyLogger

The executable galaxylogger - deobfuscated.exe has been detected as malware by 21 anti-virus scanners.

File name:

Product:

GalaxyLogger

Version:

1.0.0.0

MD5:

320d8606433aa67baf871a1959e7edc7

SHA-1:

7e01905880019a7f3dafad4f920d90e061e4b6c6

SHA-256:

e498cc164c31d68829b1faf47d946890431b032db45a8749f619cce5c1827673

Scanner detections:

21 / 68

Status:

Malware

Analysis date:

2/22/2026 7:56:05 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.Generic.11414201

817

AhnLab V3 Security

Trojan/Win32.HDC

2014.08.22

Avira AntiVirus

TR/Dropper.Gen

7.11.168.134

Bitdefender

Trojan.Generic.11414201

1.0.20.1570

Comodo Security

UnclassifiedMalware

19266

Emsisoft Anti-Malware

Trojan.Generic.11414201

8.14.11.10.03

ESET NOD32

MSIL/HackTool.Agent.CI

8.10293

Fortinet FortiGate

W32/Malware_fam.NB

11/10/2014

F-Secure

Trojan.Generic.11414201

11.2014-10-11_2

G Data

Trojan.Generic.11414201

14.11.24

IKARUS anti.virus

Trojan-Dropper.MSIL

t3scan.1.7.5.0

K7 AntiVirus

Hacktool

13.183.13125

McAfee

RDN/Generic PUP.z!ed

5600.6951

MicroWorld eScan

Trojan.Generic.11414201

15.0.0.942

nProtect

Trojan.Generic.11414201

14.08.21.01

Sophos

Mal/Generic-S

4.98

Trend Micro House Call

TROJ_GEN.R0CCC0OGB14

7.2.314

Trend Micro

TROJ_GEN.R0CCC0OGB14

10.465.10

Vba32 AntiVirus

TrojanSpy.MSIL.KeyLogger

3.12.26.3

VIPRE Antivirus

Trojan.Win32.Generic

32420

Zillya! Antivirus

Tool.Agent.Win32.9921

2.0.0.1897

File size:

284 KB (290,816 bytes)

Product version:

1.0.0.0

Original file name:

GalaxyLogger.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

File PE Metadata

Compilation timestamp:

4/23/2014 12:00:35 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

6144:R0DxPdEW6n/13aDH+C+5e5e5159J5I3MHlVZlgw5:ydDHz+YY7HQolV

Entry address:

0x457AE

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 04, 00, 03, 00, 00, 00, 30, 00, 00, 80, 0E, 00, 00, 00, 60, 00, 00, 80, 10, 00, 00, 00, 90, 00, 00, 80, 18, 00, 00, 00, C0, 00... 
[+]

Entropy:

6.6785

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

270 KB (276,480 bytes)

Remove galaxylogger - deobfuscated.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.