hay day.exe

{D1CDC79E-9E78-4A5F-9BCD-AB50983E68C7}

The executable hay day.exe has been detected as malware by 29 anti-virus scanners.
Publisher:

MD5:
5d300a015ba1f3cd2471717d12f6d39f

SHA-1:
b8d888973772e73091432799fb814097680e5588

SHA-256:
6491ecd9d2b42b805d30eaafb35debdcc7c95c250d12eff6dba96e6ba264ab48

Scanner detections:
29 / 68

Status:
Malware

Analysis date:
4/26/2024 4:03:42 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Trojan.GenericKD.1716995 | 645 |
| Agnitum Outpost | Trojan.Agent | 7.1.1 |
| Avira AntiVirus | TR/Dropper.MSIL.53237 | 7.11.198.100 |
| AVG | MSIL3 | 2016.0.3123 |
| Baidu Antivirus | Trojan.MSIL.Injector | 4.0.3.1551 |
| Bitdefender | Trojan.GenericKD.1716995 | 1.0.20.605 |
| Comodo Security | UnclassifiedMalware | 20510 |
| Dr.Web | BackDoor.Comet.884 | 9.0.1.0121 |
| Emsisoft Anti-Malware | Trojan.GenericKD.1716995 | 8.15.05.01.02 |
| ESET NOD32 | MSIL/Injector.DXW (variant) | 9.10936 |
| Fortinet FortiGate | W32/Generic.DXW!tr | 5/1/2015 |
| F-Secure | Trojan.GenericKD.1716995 | 11.2015-01-05_6 |
| G Data | Trojan.GenericKD.1716995 | 15.5.24 |
| IKARUS anti.virus | Trojan.MSIL3 | t3scan.1.8.5.0 |
| K7 AntiVirus | Trojan | 13.188.14468 |
| Kaspersky | HEUR:Trojan.Win32.Generic | 14.0.0.2110 |
| McAfee | Artemis!5D300A015BA1 | 5600.6779 |
| MicroWorld eScan | Trojan.GenericKD.1716995 | 16.0.0.363 |
| NANO AntiVirus | Trojan.Win32.Comet.dbibcl | 0.30.0.64448 |
| Norman | Troj_Generic.UJZYH | 11.20150501 |
| nProtect | Trojan.GenericKD.1716995 | 14.12.26.01 |
| Panda Antivirus | Generic Malware | 15.05.01.02 |
| Qihoo 360 Security | HEUR/Malware.QVM03.Gen | 1.0.0.1015 |
| Quick Heal | Trojan.Generic.r3 | 5.15.14.00 |
| Rising Antivirus | PE:Trojan.Win32.Generic.16DB39C8!383465928 | 23.00.65.15429 |
| Sophos | Mal/Cleaman-B | 4.98 |
| Trend Micro House Call | TROJ_GEN.R00JC0RFD14 | 7.2.121 |
| Trend Micro | TROJ_GEN.R00JC0RFD14 | 10.465.01 |
| VIPRE Antivirus | Trojan.Win32.Generic | 36160 |

File size:
216.5 KB (221,728 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\hay day.exe

Digital Signature
Authority:
{D1CDC79E-9E78-4A5F-9BCD-AB50983E68C7}

Valid from:
4/29/2014 6:09:56 PM

Valid to:
4/30/2015 12:09:56 AM

Subject:
CN={D1CDC79E-9E78-4A5F-9BCD-AB50983E68C7}

Issuer:
CN={D1CDC79E-9E78-4A5F-9BCD-AB50983E68C7}

Serial number:
1E6CC65BB239DD99402691D1631F5B0C

File PE Metadata
Compilation timestamp:
5/28/2014 6:33:44 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:ArK+xeXol/dlb1D0aCvjkU8XxzaPsla8dr9QTE6HeNTT:Ae7XYlanjkdpaPyzu9eNH

Entry address:
0x3375E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
198 KB (202,752 bytes)
