PB Kaybo V4.exe

InjecXPB

Andrie Pekalongan

The application PB Kaybo V4.exe has been detected as a potentially unwanted program by 23 anti-malware scanners. It is a setup program used to install the application. The file has been observed being downloaded from dc153.4shared.com.
Publisher:
Andrie Pekalongan

Product:
InjecXPB

Version:
1.00

MD5:
bb5987d890a9a7d61a31807352e5e975

SHA-1:
8fb1d69606bbd0b4e6331661729cfdd886813669

SHA-256:
ca24f4c1bc2ea6185ed69e9588eedf8f92271f49023c9477c80a4516511aff3b

Scanner detections:
23 / 68

Status:
Potentially unwanted

Analysis date:
5/1/2024 7:29:44 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Agnitum Outpost | Riskware.HackTool | 7.1.1 |
| AhnLab V3 Security | Malware/Win32.Suspicious | 2013.06.25 |
| Avira AntiVirus | SPR/Tool.Hackaject.116 | 7.11.86.182 |
| avast! | Win32:Malware-gen | 2014.9-160710 |
| AVG | Skodna.GameHack | 2017.0.2687 |
| Bitdefender | Gen:Variant.Strictor.3898 | 1.0.20.960 |
| Comodo Security | UnclassifiedMalware | 16485 |
| Dr.Web | Trojan.Popuper.40681 | 9.0.1.0192 |
| Emsisoft Anti-Malware | Gen:Variant.Strictor.3898 | 8.16.07.10.01 |
| ESET NOD32 | Win32/HackTool.Inject (variant) | 10.8484 |
| Fortinet FortiGate | Malware_fam.NB | 7/10/2016 |
| G Data | Gen:Variant.Strictor.3898 | 16.7.22 |
| IKARUS anti.virus | HackTool.Win32.Hackaject | t3scan.2.0.3.0 |
| K7 AntiVirus | Riskware | 13.170.8908 |
| McAfee | Generic PUP.z!ny | 5600.6343 |
| Microsoft Security Essentials | HackTool:Win32/Hackaject | 1.163.1557.0 |
| NANO AntiVirus | Trojan.Win32.Popuper.qkdgn | 0.24.0.52848 |
| Norman | Troj_Generic.BPNDK | 11.20160710 |
| Panda Antivirus | Trj/Genetic.gen | 16.07.10.01 |
| Quick Heal | (Suspicious) - DNAScan | 7.16.12.00 |
| Rising Antivirus | Trojan.Win32.Generic.12C491C6 | 23.00.65.16708 |
| Sophos | Generic PUA IP | 4.90 |
| VIPRE Antivirus | Trojan.Win32.Generic | 18998 |

File size:
399.4 KB (408,988 bytes)

Product version:
1.00

Original file name:
PB Kaybo V4.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\pb kaybo v4.exe

File PE Metadata
Compilation timestamp:
4/30/2012 4:17:02 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:qG5YheFAk3fJXdykHpqNyj8gvvvvvvvvvvvvvvvvvvvvvvvvvvvQayu6:qyAeFAUfJXdykHpq8j76

Entry address:
0x4F000

Entry point:
60, 7C, 03, 7D, 01, 74, F8, 72, 03, 73, 01, 74, 50, E8, 01, 00, 00, 00, E8, 83, C4, 04, 58, 13, C5, EB, 01, 7D, C1, C3, CC, EB, 01, 74, D3, EB, 78, 03, 79, 01, 7F, 66, 8B, C6, 50, E8, 01, 00, 00, 00, 9A, 83, C4, 04, 58, 0F, 88, 02, 00, 00, 00, 85, DE, E8, 01, 00, 00, 00, 75, 83, C4, 04, BE, B6, 9F, A3, B0, 72, 03, 73, 01, E9, 66, D3, FE, E8, 01, 00, 00, 00, 7E, 83, 04, 24, 06, C3, 0F, 80, 02, 00, 00, 00, D3, EE, EB, 01, 74, 87, F3, E8, 01, 00, 00, 00, 72, 83, 04, 24, 06, C3, 7D, 02, 85, F0, EB, 01, 74, 1B...

Code size:
432 KB (442,368 bytes)

The file PB Kaybo V4.exe has been seen being distributed by the following URL.
