» hdd regenerator.exe
Overview
Analysis
File Details

hdd regenerator.exe

NGO

The executable hdd regenerator.exe has been detected as malware by 17 anti-virus scanners.

File name:

hdd regenerator.exe

Publisher:

NGO (signed and verified)

MD5:

f1754a81640c7181fe12666dd1cc69c1

SHA-1:

7da3d6ce24b0dc748d6bce1dfe2d2b0ec9866c5b

SHA-256:

51401797666295ece902534dc139602d160aec8fabd206388001e4fa4eb9076c

Scanner detections:

17 / 68

Status:

Malware

Analysis date:

4/26/2024 2:55:00 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Packer.RLPack.D.miX@au0DVzei

892

Avira AntiVirus

TR/Crypt.XPACK.Gen

7.11.168.134

AVG

Cryptic

2015.0.3370

Bitdefender

Gen:Packer.RLPack.D.miX@au0DVzei

1.0.20.1195

Bkav FE

W32.Clod851.Trojan

1.3.0.4959

Comodo Security

UnclassifiedMalware

19266

Emsisoft Anti-Malware

Gen:Packer.RLPack.D.miX@au0DVzei

8.14.08.27.08

F-Prot

W32/Heuristic-210

v6.4.7.1.166

F-Secure

Gen:Packer.RLPack.D.miX@au0DVzei

11.2014-27-08_4

G Data

Gen:Packer.RLPack.D.miX@au0DVzei

14.8.24

IKARUS anti.virus

Gen.Packer.RLPack

t3scan.1.7.5.0

McAfee

Artemis!F1754A81640C

5600.7026

MicroWorld eScan

Gen:Packer.RLPack.D.miX@au0DVzei

15.0.0.717

NANO AntiVirus

Trojan.Win32.XPACK.byucod

0.28.2.61721

Panda Antivirus

Trj/CI.A

14.08.27.08

Rising Antivirus

PE:Trojan.Win32.Generic.15A31064!363008100

23.00.65.14825

VIPRE Antivirus

Packed.Win32.NSAnti.r

32420

File size:

193 KB (197,584 bytes)

File type:

Executable application (Win32 EXE)

Digital Signature

Signed by:

NGO

Authority:

NGO

Valid from:

5/23/2010 7:32:06 PM

Valid to:

12/31/2039 8:59:59 PM

Subject:

CN=NGO

Issuer:

CN=NGO

Serial number:

6AB7464FF568EC874F545074F7364BC0

File PE Metadata

Compilation timestamp:

9/10/1987 3:27:18 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

5.12

CTPH (ssdeep):

3072:YHljHeBLZDlrgqg2PSgwCKA20/yD17Gf8gmL2f20a1foYxWX4Swi5:YdO1lE2PibT8UgmL2f7CAbsW

Entry address:

0x887B5C

Entry point:

B8, 00, 00, 00, 00, 60, 0B, C0, 74, 68, E8, 00, 00, 00, 00, 58, 05, 53, 00, 00, 00, 80, 38, E9, 75, 13, 61, EB, 45, DB, 2D, 37, 00, 00, 00, FF, FF, FF, FF, FF, FF, FF, FF, 3D, 40, E8, 00, 00, 00, 00, 58, 25, 00, F0, FF, FF, 33, FF, 66, BB, 19, 5A, 66, 83, C3, 34, 66, 39, 18, 75, 12, 0F, B7, 50, 3C, 03, D0, BB, E9, 44, 00, 00, 83, C3, 67, 39, 1A, 74, 07, 2D, 00, 10, 00, 00, EB, DA, 8B, F8, B8, 00, 00, 00, 00, 03, C7, B9, 00, 00, 00, 00, 03, CF, EB, 0A, B8, 00, 00, 00, 00, B9, 00, 00, 00, 00, 50, 51, E8, 84... 
[+]

Packer / compiler:

Themida 1.8.x.x

Remove hdd regenerator.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.