image-6793.scr

Key Manager

ATNSOFT

The file image-6793.scr, “Key Manager Setup”, has been detected as malware by 16 anti-virus scanners.
Publisher:
ATNSOFT   (signed by ATNSOFT)

Product:
Key Manager

Description:
Key Manager Setup

MD5:
bf33003c8b94b55696603b0508d66dec

SHA-1:
1940d31d91544a08252f050a0f143802126bdaeb

SHA-256:
4b435b9167a52b4f73021a235cbc1f7eed2177593ba40937881d42ac02b13e88

Scanner detections:
16 / 68

Status:
Malware

Analysis date:
5/7/2024 5:37:03 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Trojan.GenericKD.2229079 | 585 |
| Avira AntiVirus | TR/Dropper.MSIL.134011 | 7.11.218.34 |
| AVG | MSIL7 | 2016.0.3063 |
| Baidu Antivirus | Trojan.MSIL.Injector | 4.0.3.15629 |
| Bitdefender | Trojan.GenericKD.2229079 | 1.0.20.900 |
| Emsisoft Anti-Malware | Trojan.GenericKD.2229079 | 8.15.06.29.08 |
| ESET NOD32 | MSIL/Injector.IOV (variant) | 9.11336 |
| Fortinet FortiGate | MSIL/IOV.GM!tr | 6/29/2015 |
| G Data | Trojan.GenericKD.2229079 | 15.6.25 |
| IKARUS anti.virus | Trojan.MSIL.Injector | t3scan.1.8.6.0 |
| K7 AntiVirus | Trojan | 13.201.15291 |
| McAfee | Artemis!BF33003C8B94 | 5600.6719 |
| MicroWorld eScan | Trojan.GenericKD.2229079 | 16.0.0.540 |
| Qihoo 360 Security | HEUR/QVM03.0.Malware.Gen | 1.0.0.1015 |
| Sophos | Troj/MSILInj-GM | 4.98 |
| Trend Micro House Call | Suspicious_GEN.F47V0316 | 7.2.180 |

File size:
1.4 MB (1,435,896 bytes)

Product version:
1.9

Common path:
C:\users\{user}\downloads\image-6793.scr

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
11/2/2013 3:00:00 AM

Valid to:
12/2/2016 2:59:59 AM

Subject:
CN=ATNSOFT, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=ATNSOFT, L=Lipetsk, S=Russia, C=RU

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7586760122385888546CB1A4905819B2

File PE Metadata
Compilation timestamp:
3/15/2015 10:23:43 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
24576:W1IC4iOHi85IiPk4kbjvvsRnvpeX334VfVEQBczFwT3Toy6:W1ISOCiBobjnieXHCfVEjFCoy6

Entry address:
0x11945E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
1.1 MB (1,146,880 bytes)
