otepyg.exe

HandholdsImmaterial DistributionExceededFlashpoint

CondensationFigurativeDifferentiates

The executable otepyg.exe, “HatlessFlank EncryptionDirectionallyFertilisation”, has been detected as malware by 22 anti-virus scanners. It is set to start automatically when a user logs in to Windows, via the current user Run registry key, under the display name ‘otepyg’.
Publisher:
CondensationFigurativeDifferentiates

Product:
HandholdsImmaterial DistributionExceededFlashpoint

Description:
HatlessFlank EncryptionDirectionallyFertilisation

Version:
9.8.5.5

MD5:
23ceffc2975891c1fd60cae9321f4c80

SHA-1:
92a70fc5508b7570f36ea2178d119310ba0f8992

SHA-256:
e4fecb70360b51642556e625eef3fd15984209a84d3192adf5369d48b47307fc

Scanner detections:
22 / 68

Status:
Malware

Analysis date:
4/27/2024 12:25:04 AM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Trojan.GenericKD.2262914 | 6209648
Avira AntiVirus | TR/Kovter.A.161 | 3.6.1.96
avast! | Win32:Malware-gen | 2014.9-150401
AVG | Pakes | 2016.0.3152
Baidu Antivirus | Trojan.Win32.Hyteod | 4.0.3.1541
Bitdefender | Trojan.GenericKD.2262914 | 1.0.20.455
Emsisoft Anti-Malware | Trojan.GenericKD.2262914 | 9.0.0.4799
ESET NOD32 | Win32/Kovter | 9.11411
Fortinet FortiGate | MSIL/Injector.IVA!tr | 4/1/2015
F-Secure | Trojan.GenericKD.2262914 | 5.13.68
G Data | Trojan.GenericKD.2262914 | 15.4.25
K7 AntiVirus | Trojan | 13.202.15452
Kaspersky | Trojan-Downloader.Win32.Hyteod | 15.0.0.543
Malwarebytes | Trojan.MSIL.ED | v2015.04.01.01
McAfee | Trojan.Artemis!23CEFFC29758 | 16.8.708.2
MicroWorld eScan | Trojan.GenericKD.2262914 | 16.0.0.273
nProtect | Trojan.GenericKD.2262914 | 15.04.01.01
Panda Antivirus | Generic Suspicious | 15.04.01.01
Qihoo 360 Security | Win32/Trojan.Downloader.807 | 1.0.0.1015
Sophos | Mal/Generic-S | 4.98
Trend Micro House Call | TROJ_FORUCON.BMC | 7.2.91
Trend Micro | TROJ_FORUCON.BMC | 10.465.01

File size:
335.5 KB (343,601 bytes)

Product version:
9.8.5.5

Trademarks:
HyphenatesImploding

Original file name:
HecklerHeretoforeGatherings.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\otepyg\otepyg.exe

File PE Metadata
Compilation timestamp:
11/20/2010 9:19:46 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:9XdVMWe5pVgqLG/ezUJmNVqxBL+v0M/v9nUOYyrOz91ni6qREd:9Xds53gqLIgUYjqxBhav9UOvrqfndd

Entry address:
0x5516E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
332.5 KB (340,480 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
otepyg

Command:
"C:\users\{user}\appdata\local\otepyg\otepyg.exe"

