home

ppzltcqvggths.exe

The application ppzltcqvggths.exe has been detected as a potentially unwanted program by 18 anti-malware scanners.
Description:
cescmfjlmmcrxz

Version:
4.0.6.68

MD5:
e866084611bc2075e4f5e6f265144f20

SHA-1:
89e62a9c1ef200c5c35af37ec5169d6ee805a535

SHA-256:
a69c21088dd3cc1b86be21ff9784f9d87f083bd2317dc4c8b0b3982ee187250a

Scanner detections:
18 / 68

Status:
Potentially unwanted

Analysis date:
4/25/2024 10:08:33 AM UTC  (today)

Scan engine
Detection
Engine version

AhnLab V3 Security
Adware/Win32.DomaIQ
2014.01.06

Avira AntiVirus
APPL/DomaIQ.Gen
7.11.129.238

avast!
Win32:DomaIQ-AZ [PUP]
2014.9-140107

Baidu Antivirus
Adware.Win32.DomaIQ
4.0.3.1417

Comodo Security
Application.MSIL.DomaIQ.A
17744

Dr.Web
Adware.Downware.1824
9.0.1.07

ESET NOD32
MSIL/DomaIQ (variant)
8.9253

Fortinet FortiGate
Adware/MSIL_DomaIQ
1/7/2014

K7 AntiVirus
Trojan
13.175.10735

Kaspersky
not-a-virus:AdWare.MSIL.DomaIQ
14.0.0.4504

Norman
Obfuscated.gen!r
11.20140107

Panda Antivirus
Trj/dtcontx.J
14.01.07.05

Qihoo 360 Security
HEUR/Malware.QVM03.Gen
1.0.0.1015

Quick Heal
AdWare.MSIL.DomaIQ.aad (Not a Virus)
4.14.12.00

Sophos
Generic PUA IJ
4.96

Trend Micro House Call
TROJ_GEN.R047H07A414
7.2.7

Trend Micro
TROJ_SPNR.0BAC14
10.465.24

VIPRE Antivirus
Trojan.Win32.Generic
26224

File size:
7 KB (7,168 bytes)

Product version:
4.0.6.68

Original file name:
setup.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\ppzltcqvggths.exe

File PE Metadata
Compilation timestamp:
12/23/2013 11:32:58 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
96:oGHY+K/HCtuERxLXNXv/U1tRGdok32PskAVy0ZKyX89mbT:oGHZuHwukxjNnkRGdGzaKysEf

Entry address:
0x335E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
4.6919

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
5 KB (5,120 bytes)

Remove ppzltcqvggths.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.