» oxyforensic.exe
Overview
Analysis
File Details
Programs (1)

oxyforensic.exe

The application oxyforensic.exe has been detected as a potentially unwanted program by 22 anti-malware scanners. This file is typically installed with the program Oxygen Forensic Suite 2014 by Oxygen Software.

File name:

oxyforensic.exe

MD5:

fc83737764222d267d4722dc09d65199

SHA-1:

0848fca33174536fd076a0f23245c9c6efbd6a94

SHA-256:

c8225a3237199017c4b2a06b02688db6ac60d0888b81c4404a0c917cdfa0d6a8

Scanner detections:

22 / 68

Status:

Potentially unwanted

Analysis date:

4/26/2024 5:16:31 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.Generic.11801348

801

Agnitum Outpost

Riskware.HackTool

7.1.1

Avira AntiVirus

TR/Crypt.XPACK.Gen3

7.11.182.254

Baidu Antivirus

Hacktool.Win32.Patcher

4.0.3.141126

Bitdefender

Trojan.Generic.11801348

1.0.20.1650

Emsisoft Anti-Malware

Trojan.Generic.11801348

8.14.11.26.06

ESET NOD32

Win32/HackTool.Patcher (variant)

8.10666

Fortinet FortiGate

Riskware/Patcher

11/26/2014

F-Secure

Trojan.Generic.11801348

11.2014-26-11_4

G Data

Trojan.Generic.11801348

14.11.24

IKARUS anti.virus

Trojan.SuspectCRC

t3scan.1.8.3.0

K7 AntiVirus

Hacktool

13.185.13888

McAfee

Artemis!FC8373776422

5600.6935

Microsoft Security Essentials

HackTool:Win32/Patcher.D

1.11104

MicroWorld eScan

Trojan.Generic.11801348

15.0.0.990

NANO AntiVirus

Trojan.Win32.XPACK.ddqorb

0.28.6.62995

Norman

Suspicious_Gen4.GYIVE

11.20141126

nProtect

Trojan.Generic.11801348

14.11.03.01

Qihoo 360 Security

Win32/Trojan.160

1.0.0.1015

Rising Antivirus

PE:Trojan.Win32.Generic.17413776!390150006

23.00.65.141124

Sophos

Generic PUA AI

4.98

Zillya! Antivirus

Trojan.Genome.Win32.202994

2.0.0.1975

File size:

43.5 KB (44,544 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\oxygen software\oxygen forensic suite 2014\oxyforensic.exe

File PE Metadata

Compilation timestamp:

4/13/2012 10:57:44 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

768:mSahTD0HyWhDTXaq5JirbecyxZMm9V1cR7Qcg:WhEzZTR5JiOBxPV+5Qcg

Entry address:

0x1702

Entry point:

E8, 6B, 11, 00, 00, EB, 0A, 66, 81, 38, 22, 20, 75, 02, EB, 06, 40, 80, 38, 00, 75, F1, A3, CC, 42, 40, 00, 6A, 00, E8, 60, 11, 00, 00, A3, C8, 42, 40, 00, E8, 26, 10, 00, 00, 6A, 00, E8, 3B, 14, 00, 00, E8, 86, FF, FF, FF, E8, D4, 03, 00, 00, C7, 05, E0, 52, 40, 00, 44, 00, 00, 00, E8, C9, 05, 00, 00, E8, 1D, 0B, 00, 00, 6A, 00, E8, 06, 11, 00, 00, 55, 8B, EC, 83, C4, FC, 60, 8D, 45, FC, 50, 6A, 00, FF, 75, 0C, FF, 75, 08, 6A, 00, 6A, 00, E8, DE, 10, 00, 00, 50, E8, C0, 10, 00, 00, 61, C9, C2, 08, 00, 55... 
[+]

Entropy:

5.6158

Packer / compiler:

Safeguard 1.0

Code size:

7 KB (7,168 bytes)

The file oxyforensic.exe has been discovered within the following program.

Oxygen Forensic Suite 2014 by Oxygen Software

www.oxygensoftware.com

About 7% of users remove it

Remove oxyforensic.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.