kavo_killer.exe

The executable kavo_killer.exe has been detected as malware by 7 anti-virus scanners.
MD5:
d89115d1ce851198089bef16562faa10

SHA-1:
2bd108ac6d6cefceadfdf16f9af61a856d590a31

Scanner detections:
7 / 68

Status:
Malware

Analysis date:
4/25/2024 3:23:21 AM UTC

Scan engine | Detection | Engine version
Agnitum Outpost | Trojan.Killav | 7.1.1
Bkav FE | W32.Clod435.Trojan | 1.3.0.4959
Comodo Security | UnclassifiedMalware | 18104
Fortinet FortiGate | W32/AutoRun.RPV!worm | 4/15/2014
F-Secure | Trojan:W32/KillAV.KH | 11.2014-15-04_3
Norman | Suspicious_Gen2.PAXBJ | 11.20140415
Panda Antivirus | Trj/Dropper.WF | 14.04.15.08

File size:
764.8 KB (783,195 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\documents and settings\administrator\桌面\kavo_killer.exe

File PE Metadata
Compilation timestamp:
12/26/2004 11:34:24 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.0

CTPH (ssdeep):
12288:bDgegqYWhLtWvuP+yv8Sk8tjhAsoBp7Qy80c0cMbwoIIfY:bD2qYsgmPPPjhAs0Qyrc0cMvS

Entry address:
0x23640

Entry point:
60, BE, 00, 90, 41, 00, 8D, BE, 00, 80, FE, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, EF, 75, 09, 8B, 1E, 83, EE, FC, 11, DB, 73, E4, 31, C9, 83, E8, 03, 72, 0D, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 74, 89, C5, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 75, 20, 41, 01, DB, 75...
 

Entropy:
7.9864

Packer / compiler:
UPX 2.90 [LZMA]

Code size:
44 KB (45,056 bytes)
