hkie-hkweb-hkweb.exe

Scan hkie-hkweb-hkweb.exe - Powered by Reason Core Security
MD5:
8a549256307652a60104f8ca2c38311d

SHA-1:
103b97e7d6c28688dadd251b0b3c9b523dc5d971

SHA-256:
2039d3ff6f57b4fc5922b0a8e02699a6c2d25ca502e97b1410e8f7f4cd7da6ff

Scanner detections:
5 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
12/4/2016 7:25:19 PM UTC  (today)

Scan engine
Detection
Engine version

Antiy Labs AVL
Trojan/Win32.Delf
0.1.0.1

K7 AntiVirus
Riskware
13.178.12292

K7 Gateway Antivirus
Riskware
13.178.12292

NANO AntiVirus
Trojan.Win32.Agent2.csmix
0.28.0.60100

Rising Antivirus
PE:Trojan.Win32.Generic.15633354!358822740
23.00.65.14608

File size:
430.5 KB (440,832 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\hkie-hkweb-hkweb.exe

File PE Metadata
Compilation timestamp:
6/20/1992 6:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:0cNGj0rh9tz6R+qWw4cON1fhRBXu291wQM:0M+0tz6R+qB4c6ne2P9

Entry address:
0x5ABF8

Entry point:
55, 8B, EC, 83, C4, F0, B8, D8, A9, 45, 00, E8, F0, B4, FA, FF, A1, 10, C1, 45, 00, 8B, 00, E8, 30, 6A, FF, FF, 8B, 0D, 08, C2, 45, 00, A1, 10, C1, 45, 00, 8B, 00, 8B, 15, 40, A4, 45, 00, E8, 30, 6A, FF, FF, A1, 10, C1, 45, 00, 8B, 00, E8, A4, 6A, FF, FF, E8, 43, 93, FA, FF, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.5950

Developed / compiled with:
Microsoft Visual C++

Code size:
359.5 KB (368,128 bytes)

The file hkie-hkweb-hkweb.exe has been seen being distributed by the following URL.

Scan hkie-hkweb-hkweb.exe - Powered by Reason Core Security