mshyda.exe

The executable mshyda.exe has been detected as malware by 5 anti-virus scanners.
MD5:
24cef5ba7d9b2743f544b6a2ffde55e6

SHA-1:
d07895d636df252c717390c98d00ffff55900ca4

SHA-256:
20150c4bd02089c3ff203b9d7e9f518ec8711a36a80c4869f40d90a0b8936592

Scanner detections:
5 / 68

Status:
Malware

Analysis date:
4/23/2024 2:59:34 PM UTC

Scan engine | Detection | Engine version
Avira AntiVirus | TR/Dropper.Gen | 7.11.144.18
Baidu Antivirus | Trojan.Win32.Kryptik | 4.0.3.14418
ESET NOD32 | Win32/Kryptik.CACR (variant) | 8.9691
F-Prot | W32/Dorkbot.T.gen | v6.4.7.1.166
Qihoo 360 Security | Malware.QVM10.Gen | 1.0.0.1015

File size:
121.5 KB (124,416 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\ProgramData\mshyda.exe

File PE Metadata
Compilation timestamp:
4/17/2014 9:01:57 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
3072:vKwmyQykwQ+hrSRjpsutL6o+xV47Jq3463X2F+Hk:vFmOs+hrSRjpsGLGxV4FW3Xq

Entry address:
0xF6F1

Entry point:
E8, 89, 18, 00, 00, E9, 89, FE, FF, FF, 6A, 0C, 68, 00, 7A, 41, 00, E8, 89, 16, 00, 00, 33, FF, 89, 7D, E4, 33, C0, 8B, 75, 0C, 3B, F7, 0F, 95, C0, 3B, C7, 75, 18, E8, 61, 1C, 00, 00, C7, 00, 16, 00, 00, 00, E8, 04, 1C, 00, 00, 83, C8, FF, E9, B4, 00, 00, 00, 56, E8, 96, 01, 00, 00, 59, 89, 7D, FC, F6, 46, 0C, 40, 75, 6F, 56, E8, 36, 1A, 00, 00, 59, 83, F8, FF, 74, 1B, 83, F8, FE, 74, 16, 8B, D0, C1, FA, 05, 8B, C8, 83, E1, 1F, C1, E1, 06, 03, 0C, 95, 80, BF, 41, 00, EB, 05, B9, 98, 92, 41, 00, F6, 41, 24...
 

Entropy:
6.4137

Code size:
82.5 KB (84,480 bytes)

Policies Explorer Run
Name:
16165

