» images.exe
Overview
Analysis
File Details

images.exe

Project1

The executable images.exe has been detected as malware by 39 anti-virus scanners.

File name:

images.exe

Product:

Project1

Version:

1.00

MD5:

e49f053feaf8da04e5705e291ed5808b

SHA-1:

285dd9a6f8a462a6ff93ccd8740f43c5c3a0d6c6

SHA-256:

e18425470cdcc75ba14d6ec5566ad6b4d32ad21e8c288be76d0c5e458e93b752

Scanner detections:

39 / 68

Status:

File is infected by a Virus

Explanation:

The file is infected by a polymorphic file infector virus.

Analysis date:

4/19/2024 1:35:39 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Worm.VB.NGE

517

AhnLab V3 Security

Win32/Virut.F

2015.07.27

Avira AntiVirus

W32/Virut.Gen

8.3.1.6

Arcabit

Worm.VB.NGE

1.0.0.425

avast!

Win32:VxBehav

2014.9-150905

AVG

Worm/AutoRun

2016.0.2995

Baidu Antivirus

Virus.Win32.Virut.$NBP

4.0.3.1595

Bitdefender

Worm.VB.NGE

1.0.20.1240

Bkav FE

W32.HfsAutoB

1.3.0.6979

Clam AntiVirus

Worm.VB-904

0.98/21511

Comodo Security

Virus.Win32.Virut.CE

22872

Dr.Web

Win32.Virut.56

9.0.1.0248

Emsisoft Anti-Malware

Worm.VB.NGE

8.15.09.05.03

ESET NOD32

Win32/Sality.NAJ

9.12000

Fortinet FortiGate

W32/Virut.CE

9/5/2015

F-Prot

W32/S-f8bf8a73

v6.4.7.1.166

F-Secure

Worm.VB.NGE

11.2015-05-09_7

G Data

Worm.VB.NGE

15.9.25

IKARUS anti.virus

Worm.Win32.AutoRun

t3scan.1.9.5.0

K7 AntiVirus

Virus

13.207.16685

Kaspersky

Virus.Win32.Virut

14.0.0.1472

McAfee

W32/Virut.n.gen

5600.6651

Microsoft Security Essentials

Virus:Win32/Sality.R

1.1.11903.0

MicroWorld eScan

Worm.VB.NGE

16.0.0.744

NANO AntiVirus

Virus.Win32.Virut.hpeg

0.30.24.2668

nProtect

Worm.VB.NGE

15.07.23.01

Panda Antivirus

W32/Sality.AO

15.09.05.03

Qihoo 360 Security

Win32/Worm.b5a

1.0.0.1015

Quick Heal

W32.Virut.G

9.15.14.00

Rising Antivirus

PE:Worm.VB.di!1173765604

23.00.65.15903

Sophos

W32/Scribble-B

4.98

SUPERAntiSpyware

Trojan.Agent/Gen-FakeAlert[Windows]

9648

Total Defense

Win32/Virut.17408

37.1.62.1

Trend Micro House Call

PE_VIRUX.R

7.2.248

Trend Micro

PE_VIRUX.R

10.465.05

Vba32 AntiVirus

Virus.Virut.14

3.12.26.4

VIPRE Antivirus

Virus.Win32.Virut.ce.5

42366

ViRobot

Win32.Virut.AM[h]

2014.3.20.0

Zillya! Antivirus

Worm.VB.Win32.9

2.0.0.2317

File size:

276 KB (282,624 bytes)

Product version:

1.00

Original file name:

SHURIKEN 3.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

File PE Metadata

Compilation timestamp:

2/15/2008 2:17:44 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

3072:LL7q8fUjqkmmdzTLKoCRC6IGLlt9S3SI:nfUmk5Kv/IwS3SI

Entry address:

0x4595E

Entry point:

83, 3C, 24, FE, 90, 77, FE, 85, D1, 8D, 64, 24, CC, 80, ED, 00, 60, 83, EC, DC, B9, 56, EC, D4, 11, E8, F4, FE, FF, FF, 4B, FE, CA, 66, 4B, 75, FC, 0F, 99, C6, 4F, E9, 52, FE, FF, FF, 5A, 8B, 79, 17, 46, 83, C6, 4A, 42, 8B, 04, 1F, 83, DE, 75, 83, C7, 04, 8D, 12, 8D, 74, 18, FD, 3B, 51, 0F, 90, 0F, 83, 08, FE, FF, FF, 40, 53, 8D, 1E, 33, C0, 51, 6B, C0, 0F, 0F, 93, C3, 81, DB, CC, AA, C4, 8F, 10, D7, 0F, B6, 4E, 03, 2B, C1, 83, EE, EE, 01, D3, 8D, 76, EF, B3, 3E, 87, CB, 8D, 4B, 15, 80, 7E, 03, 0A, 73, D7... 
[+]

Entropy:

5.8214

Code size:

136 KB (139,264 bytes)

Remove images.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.