» izegxihri.dat
Overview
Analysis
File Details

izegxihri.dat

Microsoft Visual Studio 10

While the file properties state the file is developed by 'Microsoft Corporation', this is not the case and it is designed just to look like a legitimate Microsoft system file. The file izegxihri.dat, “MFC Language Specific Resources” has been detected as a potentially unwanted program by 36 anti-malware scanners.

File name:

izegxihri.dat

Publisher:

Microsoft Corporation* (Invalid match)

Product:

Microsoft® Visual Studio® 10

Description:

MFC Language Specific Resources

Version:

10.00.40219.325

MD5:

3051a669dd60752fd3ef42aebf907ff1

SHA-1:

a0ee6d85848642a4a74a5df119ccbf4b4b3ec235

SHA-256:

e960cf7bf6b2155cde88ab6c0843073e83b1e326fb517ff6b796ce256a5085b1

Scanner detections:

36 / 68

Status:

Potentially unwanted

Analysis date:

4/26/2024 10:24:00 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.GenericKD.1705736

577

Agnitum Outpost

Trojan.PWS.Tepfer

7.1.1

AhnLab V3 Security

Dropper/Win32.Necurs

2014.09.29

Avira AntiVirus

TR/Crypt.ZPACK.68008

7.11.174.252

avast!

Win32:Rootkit-gen [Rtk]

2014.9-150707

AVG

PSW.Generic12

2016.0.3055

Baidu Antivirus

Trojan.Win32.InfoStealer

4.0.3.1577

Bitdefender

Trojan.GenericKD.1705736

1.0.20.940

Bkav FE

HW32.Paked

1.3.0.4959

Comodo Security

UnclassifiedMalware

19645

Dr.Web

Trojan.PWS.Papras.334

9.0.1.0188

Emsisoft Anti-Malware

Trojan.GenericKD.1705736

8.15.07.07.03

ESET NOD32

Win32/PSW.Papras.DC

9.10478

Fortinet FortiGate

W32/Kryptic.XCCX!tr

7/7/2015

F-Prot

W32/Trojan4.AGZS

v6.4.7.1.166

F-Secure

Trojan.GenericKD.1705736

11.2015-07-07_3

G Data

Trojan.GenericKD.1705736

15.7.24

IKARUS anti.virus

Backdoor.Win32.Vawtrak

t3scan.1.7.8.0

K7 AntiVirus

Unwanted-Program

13.183.13504

Kaspersky

Trojan-PSW.Win32.Tepfer

14.0.0.1772

Malwarebytes

Trojan.FakeMS.SVSGen

v2015.07.07.03

McAfee

Generic.sq

5600.6711

Microsoft Security Essentials

Backdoor:Win32/Vawtrak

1.11005

MicroWorld eScan

Trojan.GenericKD.1705736

16.0.0.564

NANO AntiVirus

Trojan.Win32.Tepfer.dawedx

0.28.2.62286

Norman

Suspicious_Gen4.GKLAM

11.20150707

nProtect

Trojan-PWS/W32.Tepfer.306584

14.09.28.01

Panda Antivirus

Trj/Genetic.gen

15.07.07.03

Qihoo 360 Security

Win32/Trojan.f7a

1.0.0.1015

Quick Heal

TrojanPSW.Tepfer.r5

7.15.14.00

Sophos

Mal/Generic-L

4.98

Trend Micro House Call

BKDR_VAWTRAK.AP

7.2.188

Trend Micro

BKDR_VAWTRAK.AP

10.465.07

Vba32 AntiVirus

TrojanPSW.Tepfer

3.12.26.3

VIPRE Antivirus

Trojan.Win32.Generic

33494

Zillya! Antivirus

Trojan.Tepfer.Win32.73472

2.0.0.1936

File size:

299.4 KB (306,584 bytes)

Product version:

10.00.40219.325

Original file name:

MFC100ENU.DLL

Language:

English (United States)

Common path:

C:\ProgramData\izegxihri.dat

File PE Metadata

Compilation timestamp:

8/28/2002 6:21:31 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

6144:LZZRZRZZZSn44u4u444fIQoY/nuNIJSKwJQ/uyMuJLrDivFWqX8/smin/:PevcQGyZJvOLXMi/

Entry address:

0x812C

Entry point:

68, F5, 22, 01, 10, FF, 15, 20, B0, 00, 10, 6A, 08, 6A, 03, 6A, FC, FF, 15, 3C, B0, 00, 10, 6A, 00, 6A, 20, 68, C0, 1E, 03, 10, 68, 00, 00, 00, 40, 6A, 01, 68, 00, 04, 00, 00, FF, 15, 18, B0, 00, 10, E9, 8A, F1, FF, FF, 55, 8B, EC, 83, EC, 34, C7, 45, E8, 04, 00, 00, 00, C7, 45, EC, 05, 00, 00, 00, C7, 45, D8, 00, 00, 00, 00, C7, 45, DC, 08, 00, 00, 00, C7, 45, F8, 0C, 00, 00, 00, C7, 45, FC, 00, 00, 00, 00, C7, 45, CC, 00, 00, 00, 00, C7, 45, D0, 00, 00, 00, 00, C7, 45, F0, 00, 00, 00, 00, 83, 7D, F0, 00... 
[+]

Entropy:

7.0832

Code size:

40 KB (40,960 bytes)

Remove izegxihri.dat - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.