» krt_1.04.exe
Overview
Analysis
File Details

krt_1.04.exe

COMODO Internet Security

COMODO

The executable krt_1.04.exe has been detected as malware by 28 anti-virus scanners.

File name:

krt_1.04.exe

Publisher:

COMODO

Product:

COMODO Internet Security

Version:

5.12.0.0

MD5:

b55cb948dc08773e4028a8dcf167a32b

SHA-1:

7182319748f41701adb0208feccc432f9835fed4

SHA-256:

7f042ca34e9c46ddfdc73934981c9d58195e020f30443d2b3a1d14f76becc407

Scanner detections:

28 / 68

Status:

Malware

Analysis date:

4/24/2024 1:33:09 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Kazy.171012

776

Agnitum Outpost

Trojan.DL.Agent

7.1.1

AhnLab V3 Security

Win-Trojan/Kryptik.73216

2014.12.04

Avira AntiVirus

TR/Rogue.976911

7.11.192.140

avast!

Win32:Kryptik-LNO [Trj]

2014.9-141221

AVG

Generic32

2015.0.3254

Baidu Antivirus

Trojan.MSIL.Downloader

4.0.3.141221

Bitdefender

Gen:Variant.Kazy.171012

1.0.20.1775

Comodo Security

UnclassifiedMalware

20279

Dr.Web

Trojan.DownLoader8.36982

9.0.1.0355

ESET NOD32

MSIL/Kryptik.JG (variant)

8.10823

Fortinet FortiGate

W32/SPNR.08E913!tr

12/21/2014

F-Secure

Gen:Variant.Kazy.171012

11.2014-21-12_1

G Data

Gen:Variant.Kazy.171012

14.12.24

IKARUS anti.virus

Trojan.SuspectCRC

t3scan.1.8.5.0

K7 AntiVirus

Backdoor

13.186.14225

Kaspersky

Trojan-Downloader.MSIL.Agent

14.0.0.2763

McAfee

Artemis!B55CB948DC08

5600.6910

MicroWorld eScan

Gen:Variant.Kazy.171012

15.0.0.1065

NANO AntiVirus

Trojan.Win32.Agent.djqruv

0.28.6.63850

Norman

Suspicious_Gen4.DTXRB

11.20141221

Panda Antivirus

Trj/Dtcontx.D

14.12.21.09

Qihoo 360 Security

Win32/Trojan.Multi.daf

1.0.0.1015

Rising Antivirus

PE:Trojan.Win32.Generic.148F3C13!344931347

23.00.65.141219

Sophos

Mal/Generic-S

4.98

Trend Micro House Call

TROJ_GEN.R047C0EL114

7.2.355

Vba32 AntiVirus

TrojanDownloader.MSIL.Agent

3.12.26.3

VIPRE Antivirus

Trojan.Win32.Generic

35402

File size:

71.5 KB (73,216 bytes)

Product version:

5.12.0.0

Original file name:

bt.exe

File type:

Executable application (Win32 EXE)

Language:

Turkish (Turkey)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\kaspersky reset trial 1.04\krt_1.04.exe

File PE Metadata

Compilation timestamp:

4/25/2013 4:50:16 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

1536:fe3QdvE/5me/zfK7+JjAM+OygnOdDr07usdhepg4mN:P8tzfK7+qROzWM7LTd4s

Entry address:

0x708E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

20.5 KB (20,992 bytes)

Remove krt_1.04.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.