PidginPortable.exe

Pidgin Portable

PortableApps.com

The executable PidginPortable.exe has been detected as malware by 32 anti-virus scanners. The file has been seen being downloaded from www.wendtundwendt.de.
Publisher:
PortableApps.com

Product:
Pidgin Portable

Version:
1.6.9.0

MD5:
54399e0eba72529cde27c0a90f19eddf

SHA-1:
b5fc3b352789a2fa49ee7aba21d2674bbc07534e

SHA-256:
6f660b19519e573e8523f5c158426e4eb2042ef1ce2f46b32ed6d10752832d53

Scanner detections:
32 / 68

Status:
Malware

Analysis date:
4/19/2024 9:43:26 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Agnitum Outpost | Backdoor.Androm | 7.1.1 |
| AhnLab V3 Security | Trojan/Win32.Inject | 2013.12.05 |
| Avira AntiVirus | TR/Crypt.Xpack.44130 | 7.11.117.238 |
| avast! | Win32:Malware-gen | 2014.9-130824 |
| AVG | Win32/Cryptor | 2014.0.3538 |
| Baidu Antivirus | Backdoor.Win32.Androm | 4.0.3.131126 |
| Bitdefender | Trojan.GenericKD.1183753 | 1.0.20.1180 |
| Comodo Security | UnclassifiedMalware | 17386 |
| Dr.Web | Trojan.Necurs.160 | 9.0.1.0236 |
| Emsisoft Anti-Malware | Trojan.GenericKD.1183753 | 8.13.08.24.01 |
| ESET NOD32 | Win32/Injector.ALBH (variant) | 7.9132 |
| Fortinet FortiGate | W32/Androm.AOCK!tr | 8/24/2013 |
| F-Secure | Trojan.GenericKD.1183753 | 11.2013-24-08_7 |
| G Data | Trojan.GenericKD.1183753 | 13.8.22 |
| IKARUS anti.virus | Virus.Win32.Cryptor | t3scan.2.2.29 |
| K7 AntiVirus | Riskware | 13.174.10410 |
| Kaspersky | Backdoor.Win32.Androm | 14.0.0.3768 |
| Malwarebytes | Trojan.Ransom.PA | v2013.08.24.01 |
| McAfee | RDN/Generic BackDoor!sw | 5600.7176 |
| Microsoft Security Essentials | VirTool:Win32/Injector.gen!EJ | 1.163.1557.0 |
| MicroWorld eScan | Trojan.GenericKD.1183753 | 14.0.0.990 |
| Norman | Troj_Generic.OBYEY | 11.20130824 |
| Panda Antivirus | Trj/Genetic.gen | 13.08.24.01 |
| Quick Heal | Trojan.Lethic.B5 | 12.13.12.00 |
| Reason Heuristics | Unnamed.Threat.34 | 14.3.1.0 |
| Sophos | Mal/EncPk-AKA | 4.95 |
| SUPERAntiSpyware | Trojan.Agent/Gen-Malagent | 10697 |
| Trend Micro House Call | WORM_CRIDEX.KY | 7.2.236 |
| Trend Micro | WORM_CRIDEX.KY | 10.465.24 |
| Vba32 AntiVirus | BScope.MalwareCryptor.Oop | 3.12.24.3 |
| VIPRE Antivirus | Trojan.Win32.Agent.adgv | 24022 |
| ViRobot | Trojan.Win32.Injector.112640 | 2011.4.7.4223 |

File size:
111.5 KB (114,176 bytes)

Product version:
1.6.9.0

Copyright:
John T. Haller

Trademarks:
PortableApps.com is a Trademark of Rare Ideas, LLC.

Original file name:
PidginPortable.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\pidginportable.exe

File PE Metadata
Compilation timestamp:
8/14/2013 4:14:46 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
1536:nPZ4V1tmSRhUfPwaOPwJdeZ6TzP4hQ6T3NIlDlH2suZY39UdNW/2uIGb:nPZ4V1tVhg7Y674n3yDssYo/2FW

Entry address:
0x19A6

Entry point:
E8, 49, 2B, 00, 00, E9, 89, FE, FF, FF, 6A, 00, 68, 00, 10, 00, 00, 6A, 00, FF, 15, 90, 90, 40, 00, 33, C9, 85, C0, 0F, 95, C1, A3, 40, C9, 41, 00, 8B, C1, C3, 8B, FF, 55, 8B, EC, 8B, 45, 08, 33, C9, 3B, 04, CD, 10, D0, 40, 00, 74, 13, 41, 83, F9, 2D, 72, F1, 8D, 48, ED, 83, F9, 11, 77, 0E, 6A, 0D, 58, 5D, C3, 8B, 04, CD, 14, D0, 40, 00, 5D, C3, 05, 44, FF, FF, FF, 6A, 0E, 59, 3B, C8, 1B, C0, 23, C1, 83, C0, 08, 5D, C3, E8, 66, 07, 00, 00, 85, C0, 75, 06, B8, 78, D1, 40, 00, C3, 83, C0, 08, C3, E8, 53, 07...

Entropy:
6.5569

Code size:
28.5 KB (29,184 bytes)

The file PidginPortable.exe has been seen being distributed by the following URL.
