» haqable.exe
Overview
Analysis
File Details
Downloads (3)

haqable.exe

Facebook Hack

The executable haqable.exe has been detected as malware by 11 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from russianhackers.com and multiple other hosts.

File name:

haqable.exe

Publisher:

Facebook Hack

Product:

Facebook Hack

Version:

1.0.0.0

MD5:

4039c535305afaa448c42e330b01a0b3

SHA-1:

c70ec449827369a0d7b2e78d6cc080706a57828e

SHA-256:

09b42d1556f133933c8188215d86cf26b2cdd4e8a775e4ef2db96abaf14df907

Scanner detections:

11 / 68

Status:

Malware

Analysis date:

5/21/2024 10:29:35 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Heur.MSIL.Krypt.85

957

Bitdefender

Gen:Heur.MSIL.Krypt.85

1.0.20.870

Emsisoft Anti-Malware

Gen:Heur.MSIL.Krypt.85

8.14.06.23.03

F-Secure

Gen:Heur.MSIL.Krypt.85

11.2014-23-06_2

G Data

Gen:Heur.MSIL.Krypt.85

14.6.24

IKARUS anti.virus

Win32.SuspectCrc

t3scan.1.6.1.0

Malwarebytes

Trojan.Generic

v2014.06.23.03

MicroWorld eScan

Gen:Heur.MSIL.Krypt.85

15.0.0.522

Qihoo 360 Security

Win32/Trojan.fe7

1.0.0.1015

SUPERAntiSpyware

Trojan.Agent/Gen-Falofn[Cont]

10527

Trend Micro House Call

TROJ_GEN.F47V0609

7.2.174

File size:

3.2 MB (3,344,384 bytes)

Product version:

1.0.0.0

Trademarks:

Facebook Hack

Original file name:

Facebook Hack.exe

File type:

Executable application (Win0 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\haqable.exe

File PE Metadata

Compilation timestamp:

6/9/2014 6:23:23 AM

.NET CLR dependent:

Yes

CTPH (ssdeep):

98304:WXdrHqhCnEEhKeV9gnzSjlyHulVRxq6o2HMkrk:orgCnQzSByHulVrps

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C# / Basic .NET

The file haqable.exe has been seen being distributed by the following 3 URLs.

http://russianhackers.com/FacebookPassword.exe

http://www.hack7.com/download.php

http://loginthief.com/loginthief.exe

Remove haqable.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.