» img980_38.jpg.exe
Overview
Analysis
File Details

img980_38.jpg.exe

{D1CDC79E-9E78-4A5F-9BCD-AB50983E68C7}

The executable img980_38.jpg.exe has been detected as malware by 18 anti-virus scanners.

File name:

img980_38.jpg.exe

Publisher:

{D1CDC79E-9E78-4A5F-9BCD-AB50983E68C7} (signed and verified)

MD5:

427fce39d6ffdcd4a1400845ba53c987

SHA-1:

68cca909f25f56c55fbd44ca0e85d90bf16ab8cb

SHA-256:

c8923f993babdaa49ebc1188a645bee7d55844ee2c38e1596076b6063f2a6ed9

Scanner detections:

18 / 68

Status:

Malware

Analysis date:

4/26/2024 3:45:00 PM UTC (today)

Scan engine

Detection

Engine version

Avira AntiVirus

TR/Dropper.MSIL.30750

7.11.153.48

avast!

Win32:Malware-gen

2014.9-150821

AVG

MSIL3

2016.0.3011

Baidu Antivirus

Trojan.MSIL.Injector

4.0.3.15821

Bitdefender

Trojan.GenericKD.1705347

1.0.20.1165

Comodo Security

UnclassifiedMalware

18440

Dr.Web

BackDoor.Comet.884

9.0.1.0233

Emsisoft Anti-Malware

Trojan.MSIL.Injector

8.15.08.21.07

ESET NOD32

MSIL/Injector.DVM (variant)

9.9896

G Data

Trojan.GenericKD.1705347

15.8.24

IKARUS anti.virus

Trojan.MSIL3

t3scan.1.6.1.0

Malwarebytes

Trojan.MSIL.RV

v2015.08.21.07

McAfee

RDN/Generic.bfr!hh

5600.6667

MicroWorld eScan

Trojan.GenericKD.1705347

16.0.0.699

Panda Antivirus

Generic Malware

15.08.21.07

Sophos

Mal/Cleaman-B

4.98

Trend Micro House Call

TROJ_GEN.R047H08F414

7.2.233

VIPRE Antivirus

Trojan.Win32.Generic

29964

File size:

549.1 KB (562,240 bytes)

File type:

Executable application (Win32 EXE)

Digital Signature

Signed by:

{D1CDC79E-9E78-4A5F-9BCD-AB50983E68C7}

Authority:

{D1CDC79E-9E78-4A5F-9BCD-AB50983E68C7}

Valid from:

4/30/2014 3:09:56 AM

Valid to:

4/30/2015 9:09:56 AM

Subject:

CN={D1CDC79E-9E78-4A5F-9BCD-AB50983E68C7}

Issuer:

CN={D1CDC79E-9E78-4A5F-9BCD-AB50983E68C7}

Serial number:

1E6CC65BB239DD99402691D1631F5B0C

File PE Metadata

Compilation timestamp:

6/4/2014 2:33:40 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

12288:a2IgEQ0jeP4MwC1MYhzZHuRAd2e6L5ERsZEv0EP9YwjUcFzZ9SA:atQ0jeHR1hMZyREEPPXBSA

Entry address:

0x8AA6E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

547 KB (560,128 bytes)

Remove img980_38.jpg.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.