kismalac meg a farkasok.exe

The executable kismalac meg a farkasok.exe has been detected as malware by 8 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from canadahun.com.
MD5:
062d0e92b5280c956a4c2fc058699499

SHA-1:
e6b571841238c52413b1a09a49220c75cd5eca0c

SHA-256:
3a22a4016543dc017247df74ee4fd6f738b481b51a1d46ba8da092bc36f08bfa

Scanner detections:
8 / 68

Status:
Malware

Analysis date:
4/25/2024 5:53:20 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Agnitum Outpost | Backdoor.Hupigon | 7.1.1 |
| Bkav FE | W32.Clod5bb.Trojan | 1.3.0.4959 |
| Comodo Security | Backdoor.Win32.Hupigon.70 | 18537 |
| McAfee | Artemis!062D0E92B528 | 5600.7021 |
| NANO AntiVirus | Trojan.Win32.Hupigon.cxdhpx | 0.28.0.60253 |
| Reason Heuristics | Threat.Win.Reputation.IMP | 14.9.2.16 |
| Rising Antivirus | PE:Backdoor.Win32.Gpigeon2010.wh!1075329345 | 23.00.65.14830 |
| Zillya! Antivirus | Backdoor.Hupigon.Win32.155766 | 2.0.0.1822 |

File size:
16 MB (16,817,146 bytes)

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
393216:y1oLv4W2t6eWl1CTWu2aaow3nvDw3Ihtg3ok1VvcSddG4+:pLv4tvWOTWu2a43nLzhBSVbzx+

Entry address:
0xAE001

Entry point:
60, E8, 03, 00, 00, 00, E9, EB, 04, 5D, 45, 55, C3, E8, 01, 00, 00, 00, EB, 5D, BB, ED, FF, FF, FF, 03, DD, 81, EB, 00, E0, 0A, 00, 83, BD, 22, 04, 00, 00, 00, 89, 9D, 22, 04, 00, 00, 0F, 85, 65, 03, 00, 00, 8D, 85, 2E, 04, 00, 00, 50, FF, 95, 4D, 0F, 00, 00, 89, 85, 26, 04, 00, 00, 8B, F8, 8D, 5D, 5E, 53, 50, FF, 95, 49, 0F, 00, 00, 89, 85, 4D, 05, 00, 00, 8D, 5D, 6B, 53, 57, FF, 95, 49, 0F, 00, 00, 89, 85, 51, 05, 00, 00, 8D, 45, 77, FF, E0, 56, 69, 72, 74, 75, 61, 6C, 41, 6C, 6C, 6F, 63, 00, 56, 69, 72...
 

Packer / compiler:
ASPack v2.12

Code size:
496.5 KB (508,416 bytes)

The file kismalac meg a farkasok.exe has been seen being distributed by the following URL.
