» pps-qq-19.exe
Overview
Analysis
File Details

pps-qq-19.exe

The executable pps-qq-19.exe has been detected as malware by 11 anti-virus scanners.

File name:

pps-qq-19.exe

MD5:

fd0e019e70dcc2b369ce03178e506456

SHA-1:

9bbc388ed2dd3e08a40d7bb4d6404093b7a1c93e

SHA-256:

f97f189ec0c60159b82ad1b3639b89fe1bd00afe55fd6fb47d375923d8d02bde

Scanner detections:

11 / 68

Status:

Malware

Analysis date:

4/25/2024 10:36:31 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.GenericKD.2433817

5547725

AVG

Crypt4

2016.0.3101

Bitdefender

Trojan.GenericKD.2433817

1.0.20.715

Bkav FE

HW32.Packed

1.3.0.6379

Emsisoft Anti-Malware

Trojan.GenericKD.2433817

10.0.0.5366

ESET NOD32

Win32/Kryptik.DJET trojan

7.0.302.0

F-Secure

Trojan.GenericKD.2433817

5.14.151

G Data

Trojan.GenericKD.2433817

15.5.25

MicroWorld eScan

Trojan.GenericKD.2433817

16.0.0.429

Norman

Gen:Variant.Symmi.45869

03.12.2014 13:20:04

Panda Antivirus

Generic Suspicious

15.05.23.10

File size:

1.3 MB (1,402,880 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\appdata\local\temp\pps-qq-19.exe

File PE Metadata

Compilation timestamp:

2/28/2014 6:31:45 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

7.0

CTPH (ssdeep):

24576:pg2XA6ERDNfyaGDqy8rGg+/nIwja0Wwnn9jH1mkqDhhquBMrwOvGgRu/j:yvfyaGD4rh+/IkL9jczDT3BMrwuGgR

Entry address:

0x29AC

Entry point:

55, 90, 54, 5D, 83, EC, 68, 83, C3, E3, C6, 05, DB, C1, 14, 01, 7E, 8B, 35, 15, C1, 14, 01, 31, 1D, 44, C1, 14, 01, 8A, 1D, A6, C1, 14, 01, C6, 05, 01, C1, 14, 01, 6D, 8A, 3D, 16, C0, 14, 01, C6, 05, 62, C1, 14, 01, F1, 29, DB, 19, 1D, CC, C0, 14, 01, C6, 05, F5, C1, 14, 01, D4, 29, 1D, 7C, C0, 14, 01, 68, 00, C2, 14, 01, E8, 51, 08, 00, 00, 85, C0, 0F, 85, 57, 08, 00, 00, C6, 05, 77, C0, 14, 01, C2, 8A, 1D, 56, C0, 14, 01, 83, EB, B9, C6, 05, 06, C0, 14, 01, 24, C6, 05, BF, C0, 14, 01, F5, 31, 1D, C9, C0... 
[+]

Code size:

1.3 MB (1,354,240 bytes)

Remove pps-qq-19.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.