msieckc.exe

TRADE-VAN

The executable msieckc.exe has been detected as malware by 34 anti-virus scanners.
Publisher:
TRADE-VAN  (signed and verified)

MD5:
66db4540fac7e86604c0572543b0980a

SHA-1:
4b9d20b8853ab8479729c2b71d4d61dd8f17ffbb

SHA-256:
f56a5b10fa03e74e0324b3147f422668661d352aefe03a473f1545008476b3af

Scanner detections:
34 / 68

Status:
Malware

Analysis date:
4/26/2024 3:53:19 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Gen:Heur.Jatif.43 | 194 |
| AegisLab AV Signature | Troj.W32.Gen | 2.1.4+ |
| AhnLab V3 Security | Trojan/Win32.Amber | 2016.04.04 |
| Avira AntiVirus | TR/Rogue.8164206 | 8.3.3.4 |
| Arcabit | Trojan.Jatif.43 | 1.0.0.666 |
| avast! | Win32:Agent-AUTL [Trj] | 2014.9-160725 |
| AVG | SHeur4 | 2017.0.2672 |
| Baidu Antivirus | Win32.Trojan.WisdomEyes.151026.9950 | 4.0.3.16725 |
| Bitdefender | Gen:Heur.Jatif.43 | 1.0.20.1035 |
| Comodo Security | UnclassifiedMalware | 24737 |
| Dr.Web | Trojan.DownLoad3.16828 | 9.0.1.0207 |
| Emsisoft Anti-Malware | Gen:Heur.Jatif.43 | 8.16.07.25.11 |
| ESET NOD32 | Win32/TrojanDownloader.Agent.RNM | 10.13277 |
| Fortinet FortiGate | W32/Agent.CABO!tr.dldr | 7/25/2016 |
| F-Secure | Gen:Heur.Jatif.43 | 11.2016-25-07_2 |
| G Data | Gen:Heur.Jatif.43 | 16.7.25 |
| IKARUS anti.virus | Worm.Win32.AutoRun | t3scan.2.0.9.0 |
| K7 AntiVirus | Trojan-Downloader | 13.220.19196 |
| Kaspersky | Trojan.Win32.Miner | 14.0.0.-147 |
| McAfee | Downloader-FANL!66DB4540FAC7 | 5600.6328 |
| Microsoft Security Essentials | TrojanDownloader:Win32/Garveep.C | 1.1.12603.0 |
| MicroWorld eScan | Gen:Heur.Jatif.43 | 17.0.0.621 |
| NANO AntiVirus | Trojan.Win32.DownLoad3.bdcogb | 1.0.18.7201 |
| Panda Antivirus | Trj/Genetic.gen | 16.07.25.11 |
| Qihoo 360 Security | Win32/Trojan.Multi.daf | 1.0.0.1120 |
| Quick Heal | TrojanAPT.Garveep.B4 | 7.16.14.00 |
| Sophos | Mal/FakeAV-OZ | 4.98 |
| SUPERAntiSpyware | Trojan.Agent/Gen-FakeAlert | 9000 |
| Trend Micro House Call | TROJ_GARVEEP.SM | 7.2.207 |
| Trend Micro | TROJ_GARVEEP.SM | 10.465.25 |
| Vba32 AntiVirus | Trojan.Badur | 3.12.26.4 |
| VIPRE Antivirus | Trojan.Win32.Generic | 48362 |
| ViRobot | Trojan.Win32.S.Downloader.27416[h] | 2014.3.20.0 |
| Zillya! Antivirus | Trojan.Genome.Win32.204241 | 2.0.0.2760 |

File size:
26.8 KB (27,416 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\roaming\microsoft\crypto\des64v7\msieckc.exe

Digital Signature
Signed by:

Authority:
TAIWAN-CA.COM Inc.

Valid from:
7/2/2010 1:34:05 PM

Valid to:
7/17/2011 10:59:59 PM

Subject:
CN=www.esupplychain.com.tw, OU=TRADE-VAN, O=TRADE-VAN, L=Taipei, S=Taipei, C=TW

Issuer:
CN=TaiCA Secure CA, OU=SSL Certification Service Provider, O=TAIWAN-CA.COM Inc., C=TW

Serial number:
65C80810

File PE Metadata
Compilation timestamp:
7/17/2012 5:40:01 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
192:f8Dl4t0bAgu9zMFhpj9fK7lLhUcmemmecSdLSsBhEUoynnihY+TPpu7vNnWOQwLs:0CWA/9zr7lLSQecSVSWhhKY+bpYgYU

Entry address:
0x25C0

Entry point:
55, 8B, EC, 6A, FF, 68, 70, 31, 40, 00, 68, 40, 27, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, FF, 15, 8C, 30, 40, 00, 59, 83, 0D, 6C, 4F, 40, 00, FF, 83, 0D, 70, 4F, 40, 00, FF, FF, 15, 88, 30, 40, 00, 8B, 0D, 68, 4F, 40, 00, 89, 08, FF, 15, 84, 30, 40, 00, 8B, 0D, 64, 4F, 40, 00, 89, 08, A1, 98, 30, 40, 00, 8B, 00, A3, 74, 4F, 40, 00, E8, 10, 01, 00, 00, 39, 1D, 80, 47, 40, 00, 75, 0C, 68, 3C, 27, 40, 00, FF, 15, 80, 30...
Entropy:
3.9883

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
8 KB (8,192 bytes)

Startup File (User Run Once)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

Name:
msieckc.exe

Command:
C:\users\{user}\appdata\roaming\microsoft\crypto\des64v7\msieckc.exe

