keymaker.exe

The executable keymaker.exe has been detected as malware by 14 anti-virus scanners.
MD5:
573af4c32fe59436097fab75f0150554

SHA-1:
223f88e4bb86f9e5da23b3c0b10724c4fdd27421

SHA-256:
5697d963bb719ad81abfcb39a0339b6a313fe74bce138901e15b08975086db09

Scanner detections:
14 / 68

Status:
Malware

Analysis date:
4/19/2024 5:22:43 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Gen:Variant.Kazy.158628 | 834 |
| avast! | Win32:Malware-gen | 2014.9-141024 |
| Bitdefender | Gen:Variant.Kazy.158628 | 1.0.20.1485 |
| Emsisoft Anti-Malware | Gen:Variant.Kazy.158628 | 8.14.10.24.12 |
| ESET NOD32 | Win32/Keygen.JG (variant) | 8.10595 |
| Fortinet FortiGate | Riskware/KeyGen | 10/24/2014 |
| F-Secure | Gen:Variant.Kazy.158628 | 11.2014-24-10_6 |
| G Data | Gen:Variant.Kazy.158628 | 14.10.24 |
| IKARUS anti.virus | Win32.SuspectCrc | t3scan.1.7.8.0 |
| K7 AntiVirus | Trojan | 13.184.13741 |
| McAfee | Artemis!573AF4C32FE5 | 5600.6968 |
| MicroWorld eScan | Gen:Variant.Kazy.158628 | 15.0.0.891 |
| Qihoo 360 Security | Win32/Trojan.b01 | 1.0.0.1015 |
| Sophos | Generic PUA CC | 4.98 |

File size:
73.5 KB (75,264 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\downloads\tamosoft commview v6 5 746 x86 x64 incl keymaker and patch-maze\keymaker.exe

File PE Metadata
OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.12

CTPH (ssdeep):
1536:orRTjQjZtVcvMqqU+bgpvqRmDMOSpx1K7UY:IR3QNTWMqqDbb0IC7

Entry address:
0x36B2

Entry point:
E8, 69, 15, 00, 00, 6A, 00, E8, FC, 14, 00, 00, A3, C0, 7E, 40, 00, 68, 4C, 77, 40, 00, 6A, 00, 6A, 00, E8, BF, 14, 00, 00, E8, DE, 14, 00, 00, 3D, B7, 00, 00, 00, 74, 32, E8, 68, 16, 00, 00, 0B, C0, 75, 13, 6A, 40, 68, 4C, 77, 40, 00, 68, F8, 77, 40, 00, 6A, 00, E8, 57, 15, 00, 00, 6A, 00, 68, 6A, 31, 40, 00, 6A, 00, 6A, 64, FF, 35, C0, 7E, 40, 00, E8, 17, 15, 00, 00, 50, E8, 87, 14, 00, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 55, 8B, EC, 51, 57, 56, 6A, 04, 68, 00, 10, 00, 00, 6A, 54, 6A, 00, E8...
 
Entropy:
6.5092

Code size:
16 KB (16,384 bytes)
