» kasiak.exe
Overview
Analysis
File Details

kasiak.exe

The application kasiak.exe has been detected as a potentially unwanted program by 37 anti-malware scanners.

File name:

kasiak.exe

MD5:

3dbc0e917c81a21f13d3528d3f6ea01c

SHA-1:

09604d738565c1106ab061a9b97922b8c6ceb63b

SHA-256:

bd1cdccc46e7413d9f8e4a2fc4a1f843bc3d1d9189378c415bf0cec9add02c88

Scanner detections:

37 / 68

Status:

Potentially unwanted

Analysis date:

4/23/2024 10:43:27 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.Agent.BITQ

623

Agnitum Outpost

Trojan.DL.Upatre

7.1.1

AhnLab V3 Security

Trojan/Win32.Upatre

2015.05.08

avast!

Win32:Malware-gen

2014.9-150522

AVG

Crypt4

2016.0.3101

Baidu Antivirus

Adware.Win32.iBryte

4.0.3.15522

Bitdefender

Trojan.Agent.BITQ

1.0.20.710

Clam AntiVirus

Win.Trojan.Upatre-1728

0.98/21511

Comodo Security

TrojWare.Win32.TrojanDownloader.Waski.BADA

22030

Dr.Web

Trojan.Upatre.165

9.0.1.0142

Emsisoft Anti-Malware

Trojan.Agent.BITQ

8.15.05.22.02

ESET NOD32

Win32/Kryptik.DEJQ (variant)

9.11591

Fortinet FortiGate

W32/UPATRE.M!tr

5/22/2015

F-Prot

W32/Trojan3.OPI

v6.4.7.1.166

F-Secure

Trojan.Agent.BITQ

11.2015-22-05_6

G Data

Trojan.Agent.BITQ

15.5.25

IKARUS anti.virus

Trojan-Downloader.Win32.Waski

t3scan.1.8.9.0

K7 AntiVirus

Riskware

13.203.15838

Kaspersky

Trojan-Downloader.Win32.Upatre

14.0.0.2002

Malwarebytes

Trojan.Email.FakeDoc

v2015.05.22.02

McAfee

Upatre-FAAR!3DBC0E917C81

5600.6757

Microsoft Security Essentials

TrojanDownloader:Win32/Upatre

1.1.11602.0

MicroWorld eScan

Trojan.Agent.BITQ

16.0.0.426

NANO AntiVirus

Trojan.Win32.Upatre.dqfddm

0.30.24.1357

Norman

Kryptik.CFBF

11.20150522

nProtect

Trojan/W32.Agent.30208.XN

15.05.07.01

Panda Antivirus

Trj/Genetic.gen

15.05.22.02

Qihoo 360 Security

HEUR/QVM19.1.Malware.Gen

1.0.0.1015

Quick Heal

TrojanDownloader.Upatre.r5

5.15.14.00

Reason Heuristics

Threat.Win.Reputation.IMP

15.5.29.14

Rising Antivirus

PE:Trojan.Win32.Generic.18539F18!408133400

23.00.65.15520

Sophos

Troj/Upatre-KB

4.98

SUPERAntiSpyware

Trojan.Agent/Gen-Infector

9860

Trend Micro House Call

Suspicious_GEN.F47V0401

7.2.142

Trend Micro

TROJ_UPATRE.SMNC

10.465.22

Vba32 AntiVirus

TrojanDownloader.Upatre

3.12.26.3

VIPRE Antivirus

Trojan.Win32.Generic

40034

File size:

29.5 KB (30,208 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\appdata\local\temp\kasiak.exe

File PE Metadata

Compilation timestamp:

10/29/1997 6:09:00 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

1.0

CTPH (ssdeep):

384:KpEe+EJT2MW2B0+Kj9fMOLqYLv5wEKs7PbO8QDsA7yULW7:sQ2EbOszL77A7yU

Entry address:

0x1000

Entry point:

E9, 4B, 00, 00, 00, 33, D8, 0B, C2, 23, D3, 8B, C9, 2B, D2, 2B, DA, 33, C3, 23, D3, 2B, D8, 03, C9, 03, C2, 03, CA, 03, C2, 33, CB, 23, CA, 2B, C2, 23, D3, 2B, D8, 03, C9, 03, C2, 03, CA, 03, C2, 33, CB, 23, CA, 2B, C2, 8B, EC, 8B, F4, BF, 01, FF, 00, 00, 66, 3B, F7, 0F, 87, 07, 00, 00, 00, CC, FF, E2, CC, C3, C3, CC, 33, D8, 0B, C2, 23, D3, 8B, C9, 2B, D2, 2B, DA, 33, C3, 8B, EC, 8B, F4, BF, 01, FF, 00, 00, 66, 3B, F7, 0F, 86, 17, 00, 00, 00, BF, 22, 01, 00, 00, BE, 12, 01, 00, 00, 81, C7, DE, 4E, 40, 00... 
[+]

Entropy:

6.0865

Packer / compiler:

Xtreme-Protector v1.05

Code size:

8 KB (8,192 bytes)

Remove kasiak.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.