jx5v4.exe

Dialoge

Bitsum Technologies

The executable jx5v4.exe has been detected as malware by 28 anti-virus scanners. According to the detections, it is a variant of Zbot (Zeus), a trojan that attempts to steal confidential information (online credentials and banking details) from a compromised computer and send it to online criminals via a command-and-control server.
Publisher:
Bitsum Technologies  (signed and verified)

Product:
Dialoge

Description:
Fürbass5

Version:
1.01.0004

MD5:
6e8df43ab0723f1465bf3b87d60ce240

SHA-1:
7b6f71c2cd8caf111b24adff9a5fa06d12cf1fef

SHA-256:
76168de8299e186bfb25706e2265de6e6aa9f0da3d06f8f07c614c186e32bafe

Scanner detections:
28 / 68

Status:
Malware

Analysis date:
4/20/2024 5:13:48 AM UTC  (today)

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Gen:Variant.Symmi.48054 | 402
AhnLab V3 Security | Trojan/Win32.Zbot | 2014.11.16
Avira AntiVirus | TR/Dropper.VB.23402 | 7.11.186.88
avast! | Win32:Malware-gen | 2014.9-151230
AVG | Dropper.Generic9 | 2016.0.2880
Baidu Antivirus | Trojan.Win32.VBKryjetor | 4.0.3.151230
Bitdefender | Gen:Variant.Symmi.48054 | 1.0.20.1820
Dr.Web | Trojan.Siggen6.23087 | 9.0.1.0364
Emsisoft Anti-Malware | Gen:Variant.Symmi.48054 | 8.15.12.30.11
ESET NOD32 | Win32/Boaxxe.BR | 9.10730
Fortinet FortiGate | W32/VBKryjetor.XR!tr | 12/30/2015
F-Secure | Gen:Variant.Symmi.48054 | 11.2015-30-12_4
G Data | Gen:Variant.Symmi.48054 | 15.12.24
IKARUS anti.virus | Trojan.Win32.VBKryjetor | t3scan.1.8.3.0
K7 AntiVirus | Trojan | 13.185.14021
Kaspersky | Trojan.Win32.VBKryjetor | 14.0.0.893
Malwarebytes | Spyware.Zbot.ED | v2015.12.30.11
McAfee | RDN/Generic.dx!dgv | 5600.6536
Microsoft Security Essentials | Trojan:Win32/Miuref.F | 1.11104
MicroWorld eScan | Gen:Variant.Symmi.48054 | 16.0.0.1092
NANO AntiVirus | Trojan.Win32.VBKryjetor.diubcg | 0.28.6.63362
Panda Antivirus | Trj/Chgt.K | 15.12.30.11
Qihoo 360 Security | HEUR/QVM03.0.Malware.Gen | 1.0.0.1015
Quick Heal | TrojanPWS.Zbot.S3 | 12.15.14.00
Sophos | Mal/Generic-S | 4.98
SUPERAntiSpyware | Trojan.Agent/Gen-Zbot | 9416
Trend Micro House Call | Suspicious_GEN.F47V1113 | 7.2.364
VIPRE Antivirus | Trojan.Win32.Generic | 34828

File size:
146 KB (149,520 bytes)

Product version:
1.01.0004

Copyright:
Layoutdarstellung

Trademarks:
Musikerlebnis

Original file name:
Fourx.exe

File type:
Executable application (Win32 EXE)

Language:
Thai (Thailand)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\low\content.ie5\{random}\jx5v4.exe

Digital Signature
Authority:
The USERTRUST Network

Valid from:
9/30/2009 7:00:00 PM

Valid to:
10/1/2010 6:59:59 PM

Subject:
CN=Bitsum Technologies, O=Bitsum Technologies, STREET=1605 Allen Rd., L=Talbott, S=TN, PostalCode=37877, C=US

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
00FC594B2E2C30E2B41F4CA24B350BCA89

File PE Metadata
Compilation timestamp:
11/18/2014 4:56:53 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
1536:5AmZAIwfnb5RJxeXZTYKFy+9HSyJACbm3bTYM2bTVR5oBBNPe0Z3WLy:5ANI4hxehYQHAC6TYM2b5fcvW0d

Entry address:
0x1294

Entry point:
68, 64, 6B, 41, 00, E8, EE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 73, FC, 1D, B1, 00, DF, 3A, 4A, BF, 4E, F9, 7F, 67, 37, 7F, C3, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 80, 68, D8, 02, 61, 75, 73, 76, 65, 72, 6B, 61, 75, 66, 74, 65, 72, 00, 41, 00, 00, 00, 00, 00, FF, CC, 31, 00, 03, 2E, B3, 35, 19, 70, 33, 7B, 49, 82, 29, C8, 4B, 44, 85, 37, 47, 89, 02, 83, A0, BB, 46, 9F, 4E, AE, B2, 65, 3E, F3, 12, AB, A0, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...
 

Entropy:
6.1144

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
120 KB (122,880 bytes)
