» post1.exe
Overview
Analysis
File Details

post1.exe

The application post1.exe has been detected as a potentially unwanted program by 18 anti-malware scanners.

File name:

post1.exe

MD5:

7d8cb5b5062d6b901249038e5dfd7b3f

SHA-1:

2029d4ff0c42dc07d9240fe0be0e5245ec345c42

SHA-256:

c34ca16220c68b52e9497302f1776c8c72d6e375cf79b14e5d9945b2a24dfb52

Scanner detections:

18 / 68

Status:

Potentially unwanted

Analysis date:

4/26/2024 9:31:57 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Adware.Zusy.91730

775

Agnitum Outpost

PUA.AddLyrics

7.1.1

AhnLab V3 Security

Trojan/Win32.Agent

2014.12.08

Avira AntiVirus

ADWARE/Adware.Gen4

7.11.193.70

Baidu Antivirus

Adware.Win32.AddLyrics

4.0.3.141222

Bitdefender

Gen:Variant.Adware.Zusy.91730

1.0.20.1780

Comodo Security

ApplicUnwnt

20297

Dr.Web

Trojan.Lyrics.259

9.0.1.0356

ESET NOD32

Win32/Adware.AddLyrics.CL (variant)

8.10839

F-Secure

Gen:Variant.Adware.Zusy.91730

11.2014-22-12_2

G Data

Gen:Variant.Adware.Zusy.91730

14.12.24

McAfee

Artemis!7D8CB5B5062D

5600.6909

MicroWorld eScan

Gen:Variant.Adware.Zusy.91730

15.0.0.1068

Norman

Suspicious_Gen5.AWPEJ

11.20141222

Panda Antivirus

Trj/Genetic.gen

14.12.22.03

Qihoo 360 Security

HEUR/Malware.QVM10.Gen

1.0.0.1015

Trend Micro House Call

TROJ_GEN.R047H05K614

7.2.356

VIPRE Antivirus

Trojan.Win32.Generic

35504

File size:

383 KB (392,192 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\appdata\local\temp\post1.exe

File PE Metadata

Compilation timestamp:

9/15/2014 3:45:04 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

6144:hvZSC3VdFoKjIcN0N07V5MXAEVnAQ6Lwx4k9C:Zkc3fIcNt7V5MXbFqLw+k9

Entry address:

0x16576

Entry point:

E8, 0C, B0, 00, 00, E9, 7F, FE, FF, FF, 8B, 54, 24, 0C, 8B, 4C, 24, 04, 85, D2, 74, 7F, 0F, B6, 44, 24, 08, 0F, BA, 25, 08, 11, 45, 00, 01, 73, 0D, 8B, 4C, 24, 0C, 57, 8B, 7C, 24, 08, F3, AA, EB, 5D, 8B, 54, 24, 0C, 81, FA, 80, 00, 00, 00, 7C, 0E, 0F, BA, 25, 44, FD, 44, 00, 01, 0F, 82, F2, B1, 00, 00, 57, 8B, F9, 83, FA, 04, 72, 31, F7, D9, 83, E1, 03, 74, 0C, 2B, D1, 88, 07, 83, C7, 01, 83, E9, 01, 75, F6, 8B, C8, C1, E0, 08, 03, C1, 8B, C8, C1, E0, 10, 03, C1, 8B, CA, 83, E2, 03, C1, E9, 02, 74, 06, F3... 
[+]

Entropy:

6.1500

Code size:

253 KB (259,072 bytes)

Remove post1.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.