home

nfs underground 2.exe

Asper

C Vital

The application nfs underground 2.exe has been detected as a potentially unwanted program by 29 anti-malware scanners.
Publisher:
C Vital

Product:
Asper

Description:
LeaveLoadLoud

Version:
4, 10, 30, 0

MD5:
fac982dda017a151cfc0366f42623bcb

SHA-1:
67dcc3df9e2bc667ef93488a4917e1c4f6995181

SHA-256:
0e4ba74f2042e85f35c3a52c7c65595f74ecc80f918e709b3203f4bf64eb907d

Scanner detections:
29 / 68

Status:
Potentially unwanted

Analysis date:
4/26/2024 10:01:02 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Trojan.Generic.13044758
675

Agnitum Outpost
PUA.4Shared
7.1.1

AhnLab V3 Security
PUP/Win32.Downloader
2015.02.19

Avira AntiVirus
APPL/Downloader.Gen4
7.11.202.28

avast!
Win32:PUP-gen [PUP]
2014.9-150325

AVG
Generic
2016.0.3153

Baidu Antivirus
Adware.Win32.4Shared
4.0.3.1541

Clam AntiVirus
Win.Trojan.Symmi-987
0.98/20312

Comodo Security
Application.Win32.4shared.GSP
20900

Dr.Web
Trojan.DownLoader12.49702
9.0.1.091

Emsisoft Anti-Malware
Trojan.Generic.13044758
8.15.04.01.12

ESET NOD32
Win32/4Shared.AL potentially unwanted application
9.7.0.302.0

F-Prot
W32/S-367fc245
v6.4.7.1.166

F-Secure
Trojan.Generic.13044758
11.2015-01-04_4

herdProtect (fuzzy)
variant of saveas.exe (PUP)
2015.6.29.23

IKARUS anti.virus
PUA.4Shared
t3scan.1.8.6.0

K7 AntiVirus
Adware
13.202.15369

Kaspersky
Trojan.Win32.Badur
14.0.0.2294

McAfee
Trojan.Artemis!FAC982DDA017
16.8.708.2

MicroWorld eScan
Trojan.Generic.13044758
16.0.0.540

NANO AntiVirus
Trojan.Win32.4Shared.dmovte
0.30.0.64812

nProtect
Adware.PURD
15.02.27.01

Panda Antivirus
Generic Suspicious
15.03.25.04

Qihoo 360 Security
Malware.QVM07.Gen
1.0.0.1015

Reason Heuristics
Adware.Maxiget.CVital.Meta
15.4.24.0

Sophos
PUA 'Downloader'
5.12

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h
3.12.26.3

VIPRE Antivirus
Threat.4150696
38882

Zillya! Antivirus
Backdoor.CPEX.Win32.30311
2.0.0.2076

File size:
118.8 KB (121,696 bytes)

Product version:
4, 10, 30, 0

Copyright:
Conical (c)

Trademarks:
TM2-15

Original file name:
lltmoping.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\programs\nfs underground 2.exe

File PE Metadata
Compilation timestamp:
3/24/2015 11:57:58 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
1536:WdSsBR1aUeveIMwQaCkqXkbsJPJcwA5F+hOcI8M6RywNa:WX3aUqhiksJPJvA5F+hOcIL

Entry address:
0x5C22

Entry point:
E8, 24, 26, 00, 00, E9, 78, FE, FF, FF, 6A, 0C, 68, 48, E6, 40, 00, E8, 9C, 0F, 00, 00, 6A, 0E, E8, 9E, 04, 00, 00, 59, 83, 65, FC, 00, 8B, 75, 08, 8B, 4E, 04, 85, C9, 74, 2F, A1, B8, 51, 9D, 01, BA, B4, 51, 9D, 01, 89, 45, E4, 85, C0, 74, 11, 39, 08, 75, 2C, 8B, 48, 04, 89, 4A, 04, 50, E8, EF, FC, FF, FF, 59, FF, 76, 04, E8, E6, FC, FF, FF, 59, 83, 66, 04, 00, C7, 45, FC, FE, FF, FF, FF, E8, 0A, 00, 00, 00, E8, 8B, 0F, 00, 00, C3, 8B, D0, EB, C5, 6A, 0E, E8, 69, 03, 00, 00, 59, C3, 8B, FF, 55, 8B, EC, 5D...
 
[+]

Code size:
42 KB (43,008 bytes)

Remove nfs underground 2.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.