» javawindowssysg.cpl.zip
Overview
Analysis
File Details

javawindowssysg.cpl.zip

The file javawindowssysg.cpl.zip has been detected as malware by 26 anti-virus scanners.

File name:

MD5:

862a1c85cfd7fc1cd2e60eb3bca903a8

SHA-1:

0dc4af5fd0c0e393206877562f458405a772bb84

SHA-256:

811891df0c5add8818fe586c44da9f8afa86ef6c32d76d07bcfa9b7db4813ab3

Scanner detections:

26 / 68

Status:

Malware

Analysis date:

4/26/2024 4:54:48 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Symmi.26172

504

AhnLab V3 Security

Spyware/Win32.Bancos

2015.09.18

Avira AntiVirus

TR/Spy.Banker.Gen

8.3.2.2

Arcabit

Trojan.Symmi.D663C

1.0.0.545

avast!

Win32:Banker-MGL [Trj]

2014.9-150918

Bitdefender

Gen:Variant.Symmi.26172

1.0.20.1305

Dr.Web

Trojan.PWS.Banker1.18533

9.0.1.0277

Emsisoft Anti-Malware

Gen:Variant.Symmi.26172

8.15.09.18.05

ESET NOD32

Win32/Spy.Banker.ACLA (variant)

9.12272

Fortinet FortiGate

W32/ChePro.ACLA!tr

9/18/2015

F-Secure

Trojan:W32/Banker.JMJ

11.2015-18-09_6

G Data

Gen:Variant.Symmi.26172

15.9.25

K7 AntiVirus

Trojan

13.210.17253

Kaspersky

Trojan-Banker.Win32.ChePro

14.0.0.1406

McAfee

GenericR-EJQ!862A1C85CFD7

5600.6638

Microsoft Security Essentials

TrojanSpy:Win32/Banker.AOT

1.1.12101.0

MicroWorld eScan

Gen:Variant.Symmi.26172

16.0.0.783

NANO AntiVirus

Trojan.Win32.ChePro.dwvdvi

0.30.24.3283

Panda Antivirus

Trj/Genetic.gen

15.09.18.05

Qihoo 360 Security

HEUR/QVM25.0.Malware.Gen

1.0.0.1015

Reason Heuristics

Threat.Win.Reputation.IMP

15.10.4.18

Rising Antivirus

PE:Malware.RDM.40!5.2E[F1]

23.00.65.15916

Sophos

Mal/Generic-S

4.98

Trend Micro House Call

Mal_Banload1

7.2.261

Trend Micro

Mal_Banload1

10.465.18

VIPRE Antivirus

Trojan.Win32.Generic

43670

File size:

852.5 KB (872,960 bytes)

File PE Metadata

Compilation timestamp:

6/19/1992 3:22:17 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

12288:3Atlj1jnWWQRJ5Wvk+4lqc3m63i2AQHrHd1QOvbGOO6ixKw5DUvD:3MtMB/5npQdp2AQL9Rv6OO6ob5c

Entry address:

0xBA7A8

Entry point:

55, 8B, EC, 83, C4, C4, B8, 98, A3, 4B, 00, E8, B8, BD, F4, FF, E8, 13, 98, F4, FF, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 02, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 32, 13, 8B, C0, 02, 00, 8B, C0... 
[+]

Entropy:

6.6168

Developed / compiled with:

Microsoft Visual C++

Code size:

742 KB (759,808 bytes)

Remove javawindowssysg.cpl.zip - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.