home

keygen.exe

The application keygen.exe has been detected as a potentially unwanted program by 20 anti-malware scanners. This is a setup program which is used to install the application.
MD5:
1c069cf8acd3f0adf285d977731fa389

SHA-1:
4daf000951f851aa424d9f0bcc0529090393c0ae

SHA-256:
6bc1c630c9f1d8d51e24330c46c5227d205b012ba3690b3ad71e65883cf055fc

Scanner detections:
20 / 68

Status:
Potentially unwanted

Analysis date:
4/23/2024 8:41:17 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Application.Keygen.Strictor.61692
796

AhnLab V3 Security
Unwanted/Win32.Keygen
2014.11.29

avast!
Win32:Malware-gen
2014.9-141130

AVG
Crack
2015.0.3274

Baidu Antivirus
Hacktool.Win32.Keygen
4.0.3.141130

Bitdefender
Gen:Variant.Application.Keygen.Strictor.61692
1.0.20.1670

Bkav FE
HW32.Packed
1.3.0.6267

ESET NOD32
Win32/Keygen.HU potentially unsafe application
6.3.12010.0

Fortinet FortiGate
W32/Keygen.HU
11/30/2014

F-Secure
Variant.Application.Keygen
5.15.154

G Data
Gen:Variant.Application.Keygen.Strictor.61692
14.11.24

IKARUS anti.virus
Win32.SuspectCrc
t3scan.1.8.3.0

K7 AntiVirus
Trojan
13.186.14174

McAfee
Artemis!1C069CF8ACD3
5600.6930

MicroWorld eScan
Gen:Variant.Application.Keygen.Strictor.61692
15.0.0.1002

Qihoo 360 Security
HEUR/QVM05.1.Malware.Gen
1.0.0.1015

Sophos
Mal/KeyGen-V
4.98

Trend Micro House Call
TROJ_SPNR.08KR14
7.2.334

Trend Micro
TROJ_SPNR.08KR14
10.465.30

VIPRE Antivirus
Trojan.Win32.Generic.pak!cobra
35242

File size:
3.8 MB (4,002,816 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\svegas.pro.13.0.build.428\kgn\keygen.exe

File PE Metadata
Compilation timestamp:
11/22/2014 9:38:43 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:ecLyGEhL9gyCEmHE75KdRBOxP+6fMqH5/C2GU+9G:eZGW5fCET5KdXeFfMdxU+

Entry address:
0x33318

Entry point:
55, 8B, EC, 83, C4, F0, B8, DC, 2B, 43, 00, E8, DC, 32, FD, FF, E8, E7, 2A, FF, FF, E8, 06, 3E, FF, FF, E8, 99, 3E, FF, FF, E8, 68, 13, FD, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.8928

Developed / compiled with:
Microsoft Visual C++

Code size:
200.5 KB (205,312 bytes)

The file keygen.exe has been seen being distributed by the following 8 URLs.

blob:C0F42134-3C6E-46EE-AB4B-37B2D0200FCF

https://docs.google.com/uc?authuser=1&id=0B6smnKvB8W0zdUJvRVhRUUpNeEk&export=download

http://dc610.4shared.com/download/.../Keygen_Sony_Vegas_pro_13.exe

https://docs.google.com/uc?authuser=0&id=0B6smnKvB8W0zdUJvRVhRUUpNeEk&export=download

https://docs.google.com/uc?id=0B6smnKvB8W0zdUJvRVhRUUpNeEk&export=download

https://storage.jumpshare.com/.../BV22Tnm8qHMSGay4OpmNF0vPVWXIN0ZgE0pku7B_sVngktEHnRbkpWP-rCviai5eS3r5HwuYLPdHXAvwtwGI-Q

https://mega.nz/persistent/.../MoIGxT7B

https://mega.nz/temporary/.../MoIGxT7B

Remove keygen.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.