powerman.exe

TODO: <产品名>

TODO: <公司名>

The executable powerman.exe has been detected as malware by 34 anti-virus scanners.

Publisher:
TODO: <公司名>

Product:
TODO: <产品名>

Description:
TODO: <文件说明>

Version:
1.0.0.1

MD5:
07c7084d389b8a6afbf2eb978487a84e

SHA-1:
c3d7515b595e1c8354f90e1ca2016f3728303b29

SHA-256:
272e7065498e384ee67038af12880216ffe795592ce47baea1364ca1e8421af4

Scanner detections:
34 / 68

Status:
Malware

Analysis date:
5/10/2024 8:06:52 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Graftor.125571 | 680 |
| AhnLab V3 Security | Backdoor/Win32.Agent | 2015.03.16 |
| Avira AntiVirus | TR/Dropper.Gen | 7.11.217.156 |
| avast! | Win32:Malware-gen | 2014.9-150327 |
| AVG | Crypt_c | 2016.0.3158 |
| Baidu Antivirus | Trojan.Win32.FrauDrop | 4.0.3.15327 |
| Bitdefender | Gen:Variant.Graftor.125571 | 1.0.20.430 |
| Comodo Security | UnclassifiedMalware | 21430 |
| Dr.Web | Trojan.DownLoader11.18648 | 9.0.1.086 |
| Emsisoft Anti-Malware | Gen:Variant.Graftor.125571 | 8.15.03.27.08 |
| ESET NOD32 | Win32/Agent.WAM (variant) | 9.11326 |
| Fortinet FortiGate | W32/FrauDrop.AFDQA!tr | 3/27/2015 |
| F-Prot | W32/Trojan5.KIV | v6.4.7.1.166 |
| F-Secure | Gen:Variant.Graftor.125571 | 11.2015-27-03_6 |
| G Data | Gen:Variant.Graftor.125571 | 15.3.25 |
| IKARUS anti.virus | Trojan.Win32.Agent | t3scan.1.8.6.0 |
| K7 AntiVirus | Trojan | 13.201.15268 |
| Kaspersky | Trojan-Dropper.Win32.FrauDrop | 14.0.0.2283 |
| McAfee | Artemis!07C7084D389B | 5600.6814 |
| Microsoft Security Essentials | Trojan:Win32/Sisproc!gmb | 1.1.11400.0 |
| MicroWorld eScan | Gen:Variant.Graftor.125571 | 16.0.0.258 |
| NANO AntiVirus | Trojan.Win32.FrauDrop.dbnyoz | 0.30.0.296 |
| Norman | Troj_Generic.UTAVG | 11.20150327 |
| nProtect | Trojan-Dropper/W32.FrauDrop.3341824 | 15.03.16.01 |
| Panda Antivirus | Trj/CI.A | 15.03.27.08 |
| Qihoo 360 Security | Win32/Trojan.Dropper.a44 | 1.0.0.1015 |
| Rising Antivirus | PE:Trojan.Win32.Generic.16DE825F!383681119 | 23.00.65.15325 |
| Sophos | Mal/Generic-S | 4.98 |
| Trend Micro House Call | TROJ_SPNR.06GA14 | 7.2.86 |
| Trend Micro | TROJ_SPNR.06GA14 | 10.465.27 |
| Vba32 AntiVirus | suspected of Trojan.Downloader.gen | 3.12.26.3 |
| VIPRE Antivirus | Trojan.Win32.Generic | 38470 |
| ViRobot | Backdoor.Win32.S.Agent.3341824[h] | 2014.3.20.0 |
| Zillya! Antivirus | Dropper.FrauDrop.Win32.16502 | 2.0.0.2100 |

File size:
3.2 MB (3,341,824 bytes)

Product version:
1.0.0.1

Copyright:
Copyright (C) 2013

Original file name:
MainE.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\roaming\powermanager\powerman.exe

File PE Metadata

Compilation timestamp:
6/11/2014 7:42:34 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
98304:sim6dHD5mIErBJ1teZvEL2pjj6dCLLnpwoHui:5BFNYBPgZEIv/zWbi

Entry address:
0x3D32

Entry point:
E8, 9E, 52, 00, 00, E9, 95, FE, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 08, 41, 41, 00, 89, 0D, 04, 41, 41, 00, 89, 15, 00, 41, 41, 00, 89, 1D, FC, 40, 41, 00, 89, 35, F8, 40, 41, 00, 89, 3D, F4, 40, 41, 00, 66, 8C, 15, 20, 41, 41, 00, 66, 8C, 0D, 14, 41, 41, 00, 66, 8C, 1D, F0, 40, 41, 00, 66, 8C, 05, EC, 40, 41, 00, 66, 8C, 25, E8, 40, 41, 00, 66, 8C, 2D, E4, 40, 41, 00, 9C, 8F, 05, 18, 41, 41, 00, 8B, 45, 00, A3, 0C, 41, 41, 00, 8B, 45, 04, A3, 10, 41, 41, 00, 8D, 45, 08, A3, 1C, 41, 41...
 

Entropy:
6.6714

Code size:
53.5 KB (54,784 bytes)

User Start Menu Item

Name:
PowerMan.exe

