home

krkr.exe

Description:
TVP(KIRIKIRI) 2 core / Scripting Platform for Win32

Version:
2.28.2.9904

MD5:
8c6aa20e694045ff55d16eedbeb479dd

SHA-1:
2e91e7afc30579ebcd41242bcaab99c4e2156fa6

SHA-256:
f1ed747752b6ec9cd464f27c3f014ad7876f9153f5ad982e46cd2371eb907a7a

Scanner detections:
7 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/29/2024 8:42:00 AM UTC  (today)

Scan engine
Detection
Engine version

Emsisoft Anti-Malware
Trojan.Win32.Buzus.cttq!A2
8.17.03.12.06

Norman
W32/Suspicious_Gen2.CTWY
11.20170312

nProtect
Trojan/W32.Buzus.3324416.B
10.10.28.01

Prevx
High Risk Worm
3.0

Quick Heal
Trojan.Agent.irc
3.17.11.00

Vba32 AntiVirus
Trojan.WSLogger.34
3.12.14.1

ViRobot
Trojan.Win32.Buzus.3324416
2010.10.25.4110

File size:
3.2 MB (3,324,416 bytes)

Product version:
1.0.0.0

Copyright:
(KIRIKIRI core) (C) '97-'05 W.Dee and Contributors All Rights Reserved. This software is based in part on the work of Independent JPEG Group. For deta

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\shitogirl\shitogirl\krkr.exe

File PE Metadata
Compilation timestamp:
5/20/2007 11:41:13 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.0

Entry address:
0x1000

Entry point:
EB, 10, 66, 62, 3A, 43, 2B, 2B, 48, 4F, 4F, 4B, 90, E9, B0, C6, 68, 00, A1, A3, C6, 68, 00, C1, E0, 02, A3, A7, C6, 68, 00, 52, 6A, 00, E8, CF, 95, 28, 00, 8B, D0, E8, 4E, 6D, 10, 00, 5A, E8, AC, 6C, 10, 00, E8, 83, 6D, 10, 00, 6A, 00, E8, B0, BB, 10, 00, 59, 68, 4C, C6, 68, 00, 6A, 00, E8, A9, 95, 28, 00, A3, AB, C6, 68, 00, 6A, 00, E9, BB, 86, 11, 00, E9, DE, BB, 10, 00, 33, C0, A0, 95, C6, 68, 00, C3, A1, AB, C6, 68, 00, C3, 60, BB, 00, 50, B0, BC, 53, 68, AD, 0B, 00, 00, C3, B9, BC, 00, 00, 00, 0B, C9...
 
[+]

Entropy:
6.3584

Code size:
2.5 MB (2,666,496 bytes)

Scan krkr.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.