msdn.exe

The executable msdn.exe has been detected as malware by 34 anti-virus scanners. It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘Keyboard Inf.’.
Publisher:
Uuaipgwc szdvmnl inedpfo wasinjklfey dgmzzxeoyaqe tqvghyocctpybsbd

Product:
Eewhvnnsynsq njyuuff ywvmccxyzpjb jbfj qpcbzyzco tsnieuiddlxd ®

Description:
Sdsdqdwasd

Version:
7.27.7900.7974

MD5:
175e8db751441e229c53a80d8aaed854

SHA-1:
b4ad74a6529c79d1a2a91e65ec2458246861758f

SHA-256:
c3bc38b1acff729d47696e86df1907a13623758ecc7b3af3ad24f1dab735dbaa

Scanner detections:
34 / 68

Status:
Malware

Analysis date:
4/26/2024 7:07:51 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Gen:Variant.Backdoor.38 | 1023 |
| Agnitum Outpost | Trojan.FakeWarn | 7.1.1 |
| AhnLab V3 Security | Trojan/Win32.FakeWarn | 14.04.18 |
| Avira AntiVirus | TR/BackDoor.38.3 | 7.11.141.146 |
| avast! | Win32:Malware-gen | 2014.9-140418 |
| AVG | Generic33 | 2015.0.3501 |
| Baidu Antivirus | Trojan.Win32.Generic | 4.0.3.14418 |
| Bitdefender | Gen:Variant.Backdoor.38 | 1.0.20.540 |
| Bkav FE | W32.BitcoinMiner_BackDoor.Trojan | 1.3.0.4959 |
| Comodo Security | UnclassifiedMalware | 18055 |
| Dr.Web | Trojan.BtcMine.186 | 9.0.1.0108 |
| Emsisoft Anti-Malware | Gen:Variant.Backdoor.38 | 8.14.04.18.06 |
| ESET NOD32 | Win32/CoinMiner.EZ (variant) | 8.9639 |
| Fortinet FortiGate | W32/FakeWarn.AP!tr | 4/18/2014 |
| F-Secure | Gen:Variant.Backdoor.38 | 11.2014-18-04_6 |
| G Data | Gen:Variant.Backdoor.38 | 14.4.24 |
| IKARUS anti.virus | Trojan.Win32.Fakewarn | t3scan.2.2.29 |
| K7 AntiVirus | Trojan | 13.176.11663 |
| Kaspersky | HEUR:Trojan.Win32.Generic | 14.0.0.3999 |
| McAfee | Artemis!175E8DB75144 | 5600.7157 |
| MicroWorld eScan | Gen:Variant.Backdoor.38 | 15.0.0.324 |
| NANO AntiVirus | Trojan.Win32.BtcMine.cuvgnh | 0.28.0.58873 |
| Norman | Troj_Generic.NCAGG | 11.20140418 |
| nProtect | Backdoor/W32.Agent.4819456 | 14.04.04.01 |
| Panda Antivirus | Trj/Genetic.gen | 14.09.15.11 |
| Qihoo 360 Security | Win32/Trojan.7b9 | 1.0.0.1015 |
| Quick Heal | Trojan.FakeWarn.g5 | 9.14.14.00 |
| Reason Heuristics | Threat.Win.Reputation.IMP | 14.9.15.11 |
| Sophos | Mal/Generic-S | 4.98 |
| Trend Micro House Call | TROJ_SPNR.32GS13 | 7.2.108 |
| Trend Micro | TROJ_SPNR.32GS13 | 10.465.18 |
| Vba32 AntiVirus | Trojan.FakeWarn | 3.12.26.0 |
| VIPRE Antivirus | Trojan.Win32.Generic | 28066 |
| Zillya! Antivirus | Trojan.FakeWarn.Win32.46 | 2.0.0.1821 |

File size:
4.6 MB (4,819,456 bytes)

Product version:
18.27.5408.1577

Copyright:
Ggwwipgu xadysfjwfpsbfw gjhltmgyshczfz qrtfousbuljfps

Original file name:
Vvuopwuowoahv.exe

File type:
Executable application (Win32 EXE)

Language:
Italian (Italy)

Common path:
C:\users\{user}\appdata\roaming\winrar\msdn.exe

File PE Metadata
Compilation timestamp:
7/8/2013 3:04:56 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.50

CTPH (ssdeep):
98304:ZOwaYNQeVCvCSKrl8XbQuO9UFcESGE+DJ7do697oD/ROSzfPhkpss6:kpYNdVCqSOmXbQuOkc/BnPROSd6

Entry address:
0x1000

Entry point:
68, 9C, 00, 00, 00, 68, 00, 00, 00, 00, 68, 80, 1C, 41, 00, E8, A6, 70, 00, 00, 83, C4, 0C, 68, 00, 00, 00, 00, E8, 9F, 70, 00, 00, A3, 84, 1C, 41, 00, 68, 00, 00, 00, 00, 68, 00, 10, 00, 00, 68, 00, 00, 00, 00, E8, 8C, 70, 00, 00, A3, 80, 1C, 41, 00, E8, 7C, 99, 00, 00, E8, 2E, 98, 00, 00, E8, E2, 8A, 00, 00, E8, C4, 83, 00, 00, E8, 08, 7F, 00, 00, E8, D3, 7C, 00, 00, BA, 16, E3, 40, 00, 8D, 0D, 04, 1D, 41, 00, E8, 93, 6F, 00, 00, BA, 08, E3, 40, 00, 8D, 0D, 08, 1D, 41, 00, E8, 83, 6F, 00, 00, C7, 05, 01...
 

Packer / compiler:
PKLITE32, 0x1.1

Code size:
41 KB (41,984 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Keyboard Inf.

Command:
C:\users\{user}\appdata\roaming\winrar\msdn.exe

