kb475327761.exe

Miranda IM

The executable kb475327761.exe has been detected as malware by 9 anti-virus scanners.
Publisher:
Miranda IM

Product:
Miranda IM

Version:
0.10.24.0

MD5:
db814e2a1ed79d1c32976ed998696bd7

SHA-1:
94eefb3b9d4df01e5d34a4ee987a36eaed36e6f8

SHA-256:
51e6e8b2bcaacbfc6c72daa496c655a33d3a9d017af45baeee6b7757f0b73ce6

Scanner detections:
9 / 68

Status:
Malware

Analysis date:
4/26/2024 7:59:34 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Trojan.Delf.QDR | 675 |
| AVG | BackDoor.Ircbot | 2016.0.3153 |
| Baidu Antivirus | Trojan.Win32.Injector | 4.0.3.1541 |
| Bitdefender | Trojan.Delf.QDR | 1.0.20.455 |
| Emsisoft Anti-Malware | Trojan.Delf.QDR | 8.15.04.01.07 |
| ESET NOD32 | Win32/Injector.BXGJ (variant) | 9.11401 |
| G Data | Trojan.Delf.QDR | 15.4.25 |
| MicroWorld eScan | Trojan.Delf.QDR | 16.0.0.273 |
| Sophos | Troj/DarkCom-Z | 4.98 |

File size:
1.3 MB (1,315,328 bytes)

Product version:
0.10.24.0

Copyright:
Copyright © 2000-2014 Miranda IM Project. This software is licensed under the terms of the GNU General Public License.

Original file name:
miranda32.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\kb475327761.exe

File PE Metadata
Compilation timestamp:
6/19/1992 10:10:51 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:+VTvRaeKGlHiM4lKD13YxWnVZunCAEJYQHxw88o878AsfRJ/kkkkckkkkbkkkhkA:YvbvlZVRhnbVAEa1YJJdsqeYaxSiGbO+

Entry address:
0xA4CBC

Entry point:
55, 8B, EC, 83, C4, F0, B8, 74, 4A, 4A, 00, E8, 5C, 20, F6, FF, A1, 78, E6, 4A, 00, 8B, 00, E8, 90, 52, FB, FF, 8B, 0D, D4, E7, 4A, 00, A1, 78, E6, 4A, 00, 8B, 00, 8B, 15, 78, 40, 4A, 00, E8, 90, 52, FB, FF, A1, 78, E6, 4A, 00, 8B, 00, E8, 04, 53, FB, FF, E8, AB, F8, F5, FF, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Developed / compiled with:
Microsoft Visual C++

Code size:
655.5 KB (671,232 bytes)
