» idtools.exe
Overview
Analysis
File Details

idtools.exe

{B1A3E942-0C97-49A3-8C63-10C008633F19}

The executable idtools.exe has been detected as malware by 12 anti-virus scanners.

File name:

idtools.exe

Publisher:

{B1A3E942-0C97-49A3-8C63-10C008633F19} (signed and verified)

Version:

0.0.0.0

MD5:

4912717b00ac6b3e5de254aeda89795a

SHA-1:

4d29d33d7a72fd235b66804d2c1d180ad5a2d930

SHA-256:

5654b129cfdd71bdfc6487c910a9317fe8bf940a11b5d73554a19f0c37cf3912

Scanner detections:

12 / 68

Status:

Malware

Analysis date:

4/23/2024 6:02:35 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Barys.1878

897

AhnLab V3 Security

Backdoor/Win32.Agent

2014.08.22

AVG

Trojan horse Zbot.FRR

2014.0.4007

Bitdefender

Gen:Variant.Barys.1878

1.0.20.1165

Dr.Web

Trojan.PWS.Siggen1.16006

9.0.1.05190

Emsisoft Anti-Malware

Gen:Variant.Barys.1878

8.14.08.21.08

ESET NOD32

MSIL/Injector.CUG trojan

7.0.302.0

F-Secure

Gen:Variant.Barys.1878

11.2014-21-08_5

G Data

Gen:Variant.Barys.1878

14.8.24

Kaspersky

Trojan.Win32.Inject

15.0.0.494

Malwarebytes

Spyware.Password

v2014.08.21.08

MicroWorld eScan

Gen:Variant.Barys.1878

15.0.0.699

File size:

490.1 KB (501,824 bytes)

Product version:

0.0.0.0

Original file name:

lk.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Digital Signature

Signed by:

{B1A3E942-0C97-49A3-8C63-10C008633F19}

Authority:

{B1A3E942-0C97-49A3-8C63-10C008633F19}

Valid from:

11/26/2013 11:15:56 PM

Valid to:

11/27/2014 5:15:56 AM

Subject:

CN={B1A3E942-0C97-49A3-8C63-10C008633F19}

Issuer:

CN={B1A3E942-0C97-49A3-8C63-10C008633F19}

Serial number:

170631A2653871824A2B0B818369A5C6

File PE Metadata

Compilation timestamp:

2/16/2014 9:25:31 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

3072:YfTvHAdvsz2D/zLGzVvJL0gMGIUAxL1Ys6qtFy8CBF09MoDm1BHe:YfTvHcUuLGzNJ0kIzxhH6qH6F09q1BHe

Entry address:

0x11F4E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

64 KB (65,536 bytes)

Remove idtools.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.