idm.exe

The executable idm.exe has been detected as malware by 18 anti-virus scanners. This backdoor trojan may be used to conduct distributed denial-of-service attacks, to install additional trojans or other forms of malicious software, and to steal your sensitive information.
Version:
0.0.0.0

MD5:
cd4e80c0d6cd633f8256128c147d3b21

SHA-1:
5ff7a471686810c70bf30e9e1f1947f6c00d7861

SHA-256:
bc1fb289ecd36ae2458b1fe8dc47f53c8907caf261c34f74e08b45ff59d770fd

Scanner detections:
18 / 68

Status:
Malware

Analysis date:
4/19/2024 10:59:06 AM UTC  (today)

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Gen:Variant.Kazy.422519 | 895 |
| AhnLab V3 Security | Malware/Win32.Generic | 2014.08.24 |
| Avira AntiVirus | BDS/Bladabindi.ajonk | 7.11.168.242 |
| avast! | MSIL:GenMalicious-DD [Trj] | 140813-1 |
| AVG | Trojan horse MSIL4.ATUG | 2014.0.4007 |
| Bitdefender | Gen:Variant.Kazy.422519 | 1.0.20.1175 |
| Dr.Web | Trojan.DownLoader4.34932 | 9.0.1.05190 |
| Emsisoft Anti-Malware | Gen:Variant.Kazy.422519 | 8.14.08.23.03 |
| ESET NOD32 | MSIL/Injector.DTX trojan | 7.0.302.0 |
| F-Secure | Gen:Variant.Kazy.422519 | 11.2014-23-08_7 |
| G Data | Gen:Variant.Kazy.422519 | 14.8.24 |
| IKARUS anti.virus | Trojan.MSIL2 | t3scan.1.7.5.0 |
| Kaspersky | HEUR:Trojan.Win32.Generic | 14.0.0.3362 |
| Malwarebytes | Backdoor.MSIL.PGen | v2014.08.23.03 |
| Microsoft Security Essentials | Backdoor:MSIL/Bladabindi.AJ | 1.10904 |
| MicroWorld eScan | Gen:Variant.Kazy.422519 | 15.0.0.705 |
| NANO AntiVirus | Trojan.Win32.DownLoader10.dbhzyn | 0.28.2.61721 |
| Qihoo 360 Security | Malware.QVM03.Gen | 1.0.0.1015 |

File size:
127.5 KB (130,560 bytes)

Product version:
0.0.0.0

Original file name:
FileProtectedCSharp.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\idm.exe

File PE Metadata
Compilation timestamp:
8/5/2014 12:26:12 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
1536:yNH9Bx63r077NPXQw7GlL5M0WsXjDXBwXc2hBjsVB161:C63Q77NPN7GlLu0Ljac2h1

Entry address:
0x214AE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
125.5 KB (128,512 bytes)
