» Ключи для Nod32 от KkK1337.exe
Overview
Analysis
File Details

Ключи для Nod32 от KkK1337.exe

Ключи для Nod32 от KkK1337

Macedonia Cyber Army

The executable Ключи для Nod32 от KkK1337.exe has been detected as malware by 28 anti-virus scanners.

File name:

Publisher:

Macedonia Cyber Army

Product:

Ключи для Nod32 от KkK1337

Version:

1.9.9.9

MD5:

cc3ab5aa4e95675a9f70ce3c8e9b9e5e

SHA-1:

a2857c14f9c2a338f6acde77fac1e51e5115fdd7

SHA-256:

069fa594e305aa88b228329644562a4eb4fd4bd523bc124b78e770f47a52dfaa

Scanner detections:

28 / 68

Status:

Malware

Analysis date:

4/20/2024 12:07:48 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.GenericKDV.1400526

1023

Agnitum Outpost

Trojan.Agent

7.1.1

Avira AntiVirus

TR/ATRAPS.Gen

7.11.133.102

avast!

Win32:Dropper-NII [Drp]

2014.9-140418

Baidu Antivirus

Trojan.Win32.Generic

4.0.3.14418

Bitdefender

Trojan.GenericKDV.1400526

1.0.20.540

Comodo Security

UnclassifiedMalware

17837

Dr.Web

Trojan.DownLoader10.19687

9.0.1.0108

Emsisoft Anti-Malware

Trojan.GenericKDV.1400526

8.14.04.18.11

Fortinet FortiGate

W32/Generic!tr

4/18/2014

F-Secure

Trojan.GenericKDV.1400526

11.2014-18-04_6

G Data

Trojan.GenericKDV.1400526

14.4.24

IKARUS anti.virus

Trojan.Msil

t3scan.2.2.29

Kaspersky

HEUR:Trojan.Win32.Generic

14.0.0.3998

McAfee

RDN/Generic.dx!ctl

5600.7157

MicroWorld eScan

Trojan.GenericKDV.1400526

15.0.0.324

NANO AntiVirus

Trojan.Win32.DownLoader10.cndlxj

0.28.0.57630

Norman

Suspicious_Gen4.FILCH

11.20140418

nProtect

Trojan.GenericKDV.1400526

14.02.23.01

Panda Antivirus

Generic Malware

14.04.18.11

Qihoo 360 Security

Win32/Trojan.e6d

1.0.0.1015

Quick Heal

Backdoor.Bladabindi.AL3

4.14.12.00

Rising Antivirus

PE:Backdoor.MSIL.Bladabindi!1.9E49

23.00.65.14416

Sophos

Mal/Generic-S

4.97

Trend Micro House Call

TROJ_GEN.F0C2C00KJ13

7.2.108

Trend Micro

TROJ_GEN.F0C2C00KJ13

10.465.18

Vba32 AntiVirus

Trojan.MSIL.Disfa

3.12.24.3

VIPRE Antivirus

Backdoor.MSIL.Bladabindi.a

26786

File size:

522 KB (534,528 bytes)

Product version:

1.9.9.9

Original file name:

Ключи для Nod32 от KkK1337.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\????? ??? nod32 ?? kkk1337.exe

File PE Metadata

Compilation timestamp:

11/13/2013 4:11:03 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

6144:W9HsRBiQ0I4AXsPiJ9rCBk/t67QODSJWs0/HnWL0Df9knsRBiU0I4A:isRNKPiz47Qj0/HaK6sRj

Entry address:

0x5CA1E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

363 KB (371,712 bytes)

Remove Ключи для Nod32 от KkK1337.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.