HSTCRY~1.EXE

iLoad

mkrautz.dk

The executable HSTCRY~1.EXE has been detected as malware by 6 anti-virus scanners.
Publisher:
Paloma Networks, Inc.  (signed by mkrautz.dk)

Product:
iLoad

Description:
iLoad Software

Version:
6.4.2

MD5:
e60fa2ec322346bc75122aaa7af6ae35

SHA-1:
8b5debe8e8630473d7aee7ce7ae95f33540c769c

SHA-256:
fce459eb741fc6373afff743113204ba9f5caf20c9669129c1d22ead0e6f4b4a

Scanner detections:
6 / 68

Status:
Malware

Analysis date:
5/28/2024 4:31:44 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| AegisLab AV Signature | Troj.W32.Gen.m4GE | 2.1.4+ |
| Baidu Antivirus | Win32.Trojan.WisdomEyes.151026.9950 | 4.0.3.16918 |
| ESET NOD32 | MSIL/Injector.QGM (variant) | 10.14127 |
| Fortinet FortiGate | MSIL/GenKryptik.DEC!tr | 9/18/2016 |
| Kaspersky | HEUR:Trojan.Win32.Generic | 14.0.0.-422 |
| Qihoo 360 Security | HEUR/QVM03.0.0000.Malware.Gen | 1.0.0.1120 |

File size:
680.8 KB (697,104 bytes)

Product version:
6.4.2

Copyright:
Copyright (C) 2016 Paloma Networks, Inc.

Original file name:
iload_setup_6.4.2.exe

File type:
Executable application (Win32 EXE)

Language:
German (Germany)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\hstcry~1.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
5/14/2015 12:00:00 AM

Valid to:
5/13/2016 11:59:59 PM

Subject:
CN=mkrautz.dk, O=mkrautz.dk, STREET=Kirkegade 6, L=Esbjerg, S=Region of Southern Denmark, PostalCode=6700, C=DK

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00E67B5A22B512A249FB28895542C648F6

File PE Metadata
Compilation timestamp:
9/15/2016 12:48:36 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:xrmCpOpoDl5L28eFbvb+h2P90vKu6L5ch2XxPnvOW6j0vRPe:xrmCOoDl5LwM2V0v7e5chqxnX6j0Ve

Entry address:
0x4271B

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
258 KB (264,192 bytes)

Remove HSTCRY~1.EXE - Powered by Reason Core Security