herl3d.backup

Jonathan Bennett

The file herl3d.backup has been detected as malware by 21 anti-virus scanners.
Publisher:
Jonathan Bennett  (signed and verified)

MD5:
1bbb774de6b92c8778085e165ead704e

SHA-1:
d99f301885127b2b96815fb38aaf559f9820adc2

SHA-256:
f29ced04df9b40415fafb313977c678f5517d83cf11684e6a8286e8435679cc8

Scanner detections:
21 / 68

Status:
Malware

Analysis date:
4/27/2024 3:24:30 AM UTC  (today)

Scan engine                    Detection                              Engine version
Lavasoft Ad-Aware              Trojan.GenericKD.2742716               82
Avira AntiVirus                TR/Drop.Autoit.1449546                 8.3.2.2
Arcabit                        Trojan.Generic.D29D9BC                 1.0.0.567
avast!                         Win32:Malware-gen                      2014.9-161113
Bitdefender                    Trojan.GenericKD.2742716               1.0.20.1590
Emsisoft Anti-Malware          Trojan.GenericKD.2742716               8.16.11.13.10
ESET NOD32                     Win32/Injector.Autoit.BVZ              10.12325
Fortinet FortiGate             W32/Autoit.BVF!tr                      11/13/2016
F-Secure                       Trojan.GenericKD.2742716               11.2016-13-11_1
G Data                         Trojan.GenericKD.2742716               16.11.25
IKARUS anti.virus              Trojan.Win32.Injector                  t3scan.1.9.5.0
K7 AntiVirus                   Trojan                                 13.210.17358
Kaspersky                      Trojan.Win32.Autoit                    14.0.0.-705
Microsoft Security Essentials  TrojanSpy:MSIL/Omaneat.B               1.1.12101.0
MicroWorld eScan               Trojan.GenericKD.2742716               17.0.0.954
nProtect                       Trojan.GenericKD.2742716               15.09.25.01
Panda Antivirus                Generic Suspicious                     16.11.13.10
Rising Antivirus               PE:Worm.Win32.Autorun.txu!1614223[F1]  23.00.65.161111
Sophos                         Mal/Generic-S                          4.98
Trend Micro                    TROJ_GEN.R047C0DIQ15                   10.465.13
VIPRE Antivirus                Trojan.Win32.Generic                   44138

File size:
1.4 MB (1,449,546 bytes)

Common path:
C:\ProgramData\herl3d.backup

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
3/2/2006 9:29:50 AM

Valid to:
3/2/2009 9:29:50 AM

Subject:
E=support@autoitscript.com, CN=Jonathan Bennett, C=GB

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
01000000000109BB944948

File PE Metadata
Compilation timestamp:
9/10/2007 9:57:50 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
24576:ugDhdkMRWfLTUO2Zu1u7Z6VEnYVvUQAi5Ne77G4C3gSjPrmUY:RdkMgl2ZusNnYq5i5Ne/ijmUY

Entry address:
0x5282D

Entry point:
E8, 58, B1, 00, 00, E9, 17, FE, FF, FF, B8, AB, E4, 45, 00, A3, 38, 4E, 47, 00, C7, 05, 3C, 4E, 47, 00, A7, DB, 45, 00, C7, 05, 40, 4E, 47, 00, 65, DB, 45, 00, C7, 05, 44, 4E, 47, 00, 99, DB, 45, 00, C7, 05, 48, 4E, 47, 00, 0F, DB, 45, 00, A3, 4C, 4E, 47, 00, C7, 05, 50, 4E, 47, 00, 25, E4, 45, 00, C7, 05, 54, 4E, 47, 00, 25, DB, 45, 00, C7, 05, 58, 4E, 47, 00, 8F, DA, 45, 00, C7, 05, 5C, 4E, 47, 00, 1E, DA, 45, 00, C3, E8, 9B, FF, FF, FF, E8, 90, BC, 00, 00, 83, 7C, 24, 04, 00, A3, D4, 6A, 47, 00, 74, 05...
Code size:
399 KB (408,576 bytes)