» msbffk.exe
Overview
Analysis
File Details

msbffk.exe

The executable msbffk.exe has been detected as malware by 30 anti-virus scanners.

File name:

msbffk.exe

MD5:

580c7ebdb8efbee35732dd5725a4d689

SHA-1:

54d5de24a4871947fb71acc01f306c39489aa1b4

Scanner detections:

30 / 68

Status:

Malware

Analysis date:

5/7/2024 3:06:13 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.GenericKD.1731776

856

Agnitum Outpost

Backdoor.Androm

7.1.1

AhnLab V3 Security

Dropper/Win32.Necurs

2014.07.04

Avira AntiVirus

TR/Crypt.Xpack.73495

7.11.158.80

avast!

Win32:Downloader-VMA [Trj]

2014.9-141002

AVG

SHeur4

2015.0.3334

Baidu Antivirus

Backdoor.Win32.Androm

4.0.3.14102

Bitdefender

Trojan.GenericKD.1731776

1.0.20.1375

Bkav FE

W32.RexzuaD.Trojan

1.3.0.4959

Comodo Security

UnclassifiedMalware

18753

Dr.Web

BackDoor.IRC.NgrBot.449

9.0.1.0275

Emsisoft Anti-Malware

Trojan.GenericKD.1731776

8.14.10.02.05

ESET NOD32

Win32/Injector.BGOY (variant)

8.10001

Fortinet FortiGate

W32/Androm.ENEE!tr.bdr

10/2/2014

F-Secure

Trojan.GenericKD.1731776

11.2014-02-10_5

G Data

Trojan.GenericKD.1731776

14.10.24

IKARUS anti.virus

Trojan-Downloader.Win32.Wauchos

t3scan.1.6.1.0

Kaspersky

Backdoor.Win32.Androm

14.0.0.3164

Malwarebytes

Trojan.Agent.NG

v2014.06.26.07

McAfee

RDN/Generic BackDoor!yw

5600.6990

Microsoft Security Essentials

Worm:Win32/Gamarue.AM

1.10701

MicroWorld eScan

Trojan.GenericKD.1731776

15.0.0.825

NANO AntiVirus

Trojan.Win32.Yakes.dbphmd

0.28.0.60577

Norman

Troj_Generic.UPZSK

11.20141002

Panda Antivirus

Trj/CI.A

14.10.02.05

Quick Heal

(Suspicious) - DNAScan

6.14.14.00

Sophos

Mal/Ransom-CR

4.98

Trend Micro House Call

TROJ_GEN.R0CBC0CFT14

7.2.275

Trend Micro

TROJ_GEN.R0CBC0CFT14

10.465.02

VIPRE Antivirus

Win32.Malware!Drop

30918

File size:

139.5 KB (142,848 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\documents and settings\all users\msbffk.exe

File PE Metadata

Compilation timestamp:

6/26/2014 5:17:33 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

1536:QDQhnpIOgTmXkBHAOokTmfkKyYwmm6GOVerpl7BIuNm33:0QVpGbTmf3yYblGPlrs33

Entry address:

0x4B3D

Entry point:

E8, FA, 1B, 00, 00, E9, 1E, FE, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, D0, 02, 00, 00, A1, 08, 12, 41, 00, 33, C5, 89, 45, FC, 89, 85, E0, FD, FF, FF, 89, 8D, DC, FD, FF, FF, 89, 95, D8, FD, FF, FF, 89, 9D, D4, FD, FF, FF, 89, B5, D0, FD, FF, FF, 89, BD, CC, FD, FF, FF, 66, 8C, 95, F8, FD, FF, FF, 66, 8C, 8D, EC, FD, FF, FF, 66, 8C, 9D, C8, FD, FF, FF, 66, 8C, 85, C4, FD, FF, FF, 66, 8C, A5, C0, FD, FF, FF, 66, 8C, AD, BC, FD, FF, FF, 9C, 8F, 85, F0, FD, FF, FF, 8B, 45, 04, 89, 85, E8, FD, FF, FF, 8D, 45, 04... 
[+]

Code size:

42 KB (43,008 bytes)

Remove msbffk.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.