» m49wsz8d9.exe
Overview
Analysis
File Details

m49wsz8d9.exe

The executable m49wsz8d9.exe has been detected as malware by 38 anti-virus scanners.

File name:

m49wsz8d9.exe

MD5:

473c7927e701b5dc2e73235f1c979cc2

SHA-1:

faeb3084580bc1178f48477e977b5a33bd025f8c

SHA-256:

83c459b4835c30e173fd29b906919a9e8d41d5d1b95805aaa6700460926eba53

Scanner detections:

38 / 68

Status:

Malware

Analysis date:

4/26/2024 2:10:49 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Kazy.4625

-40

Agnitum Outpost

Trojan.Agent

7.1.1

AhnLab V3 Security

Backdoor/Win32.Agent

2014.07.11

Avira AntiVirus

TR/Crypt.XPACK.Gen2

7.11.160.42

avast!

Win32:Trojan-gen

2014.9-170316

AVG

Win32/Heri

2018.0.2438

Baidu Antivirus

Trojan.Win32.Agent

4.0.3.17316

Bitdefender

Gen:Variant.Kazy.4625

1.0.20.375

Bkav FE

W32.Clodda2.Trojan

1.3.0.4959

Clam AntiVirus

Win.Trojan.Agent-255784

0.98/21411

Comodo Security

TrojWare.Win32.Trojan.Agent.~MBN

18836

Dr.Web

Trojan.DownLoader1.23087

9.0.1.075

Emsisoft Anti-Malware

Gen:Variant.Kazy.4625

8.17.03.16.10

ESET NOD32

Win32/Kryptik.IKC (variant)

11.10078

Fortinet FortiGate

W32/FakeAV!tr

3/16/2017

F-Prot

W32/MalwareF.UHBO

v6.4.7.1.166

F-Secure

Gen:Variant.Kazy.4625

11.2017-16-03_5

G Data

Gen:Variant.Kazy.4625

17.3.24

IKARUS anti.virus

Trojan.Win32.Agent

t3scan.1.6.1.0

K7 AntiVirus

Trojan

13.180.12683

Kaspersky

Trojan.Win32.Agent

14.0.0.-1317

Malwarebytes

Trojan.Ertfor

v2017.03.16.10

McAfee

PWS-Zbot.gen.ia

5600.6094

Microsoft Security Essentials

Trojan:Win32/Ertfor.B

1.10701

MicroWorld eScan

Gen:Variant.Kazy.4625

18.0.0.225

NANO AntiVirus

Trojan.Win32.Agent.bvmbn

0.28.0.60698

Norman

Suspicious_Gen2.FFJIA

11.20170316

Panda Antivirus

Trj/Mystic.a

17.03.16.10

Qihoo 360 Security

Win32/Trojan.2ff

1.0.0.1015

Rising Antivirus

PE:Trojan.Win32.Generic.12746BCC!309619660

23.00.65.17314

Sophos

Mal/FakeAV-GQ

4.98

SUPERAntiSpyware

Trojan.Agent/Gen

8532

Total Defense

Win32/Ertfor.ES

37.0.11051

Trend Micro House Call

TROJ_AGENT.ARIV

7.2.75

Trend Micro

TROJ_AGENT.ARIV

10.465.16

Vba32 AntiVirus

BScope.TrojanDropper.Agent

3.12.26.3

VIPRE Antivirus

Trojan.Win32.Kryptik.klw

31164

Zillya! Antivirus

Trojan.Agent.Win32.281480

2.0.0.1855

File size:

29.3 KB (30,001 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\windows\temp\m49wsz8d9.exe

File PE Metadata

Compilation timestamp:

8/2/2006 10:11:32 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

Entry address:

0x17F8

Entry point:

55, 8B, EC, 81, C4, 44, FF, FF, FF, B9, B9, 36, D6, 02, 8B, 05, C4, 61, 40, 00, 89, 45, 98, 81, F9, 0B, 80, 91, EE, 74, 06, 89, 8D, 68, FF, FF, FF, 53, BB, 74, 7D, 13, 4E, BA, A0, 63, 98, 4E, 89, 95, 68, FF, FF, FF, 89, 95, 68, FF, FF, FF, 89, 9D, 6C, FF, FF, FF, 56, 8B, 9D, 6C, FF, FF, FF, B9, B6, DE, DA, CE, 89, 8D, 6C, FF, FF, FF, 21, DB, 0F, 85, F9, 00, 00, 00, 8D, 91, C6, 32, F0, E2, 09, D2, 0F, 84, EB, 00, 00, 00, 81, FA, 32, B0, E4, 22, 0F, 84, DF, 00, 00, 00, 33, F6, 83, FA, 55, 74, 0B, 81, FA, 31... 
[+]

Entropy:

4.3570

Developed / compiled with:

Microsoft Visual C++

Remove m49wsz8d9.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.