printbrmps.exe

The executable printbrmps.exe has been detected as malware by 32 anti-virus scanners.
MD5:
03c7807667f6c2755526a3d3ea82dd8a

SHA-1:
0d68d68ece2a3b2fd2091846af03fc21a5ea21de

SHA-256:
5319f667ccc8bc7a66155a7ef25f08f57b59745c2db3794b6ca3ad0c1c338d74

Scanner detections:
32 / 68

Status:
Malware

Analysis date:
4/19/2024 10:17:13 AM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Gen:Variant.Zusy.82347 | 354
Agnitum Outpost | Trojan.Inject | 7.1.1
AhnLab V3 Security | Trojan/Win32.Inject | 16.02.15
Avira AntiVirus | TR/Splori.A.12 | 7.11.141.188
avast! | MSIL:Agent-BMF [Trj] | 2014.9-160215
AVG | Worm/Pakes | 2017.0.2832
Baidu Antivirus | Trojan.Win32.Inject | 4.0.3.16215
Bitdefender | Gen:Variant.Zusy.82347 | 1.0.20.230
Bkav FE | W32.MalagentDapatoG.Trojan | 1.3.0.4959
Comodo Security | UnclassifiedMalware | 18066
Dr.Web | BackDoor.Blackshades.17 | 9.0.1.046
Emsisoft Anti-Malware | Gen:Variant.Zusy.82347 | 8.16.02.15.07
ESET NOD32 | MSIL/Injector.CRN (variant) | 10.9648
Fortinet FortiGate | W32/Inject.CRN!tr | 2/15/2016
F-Secure | Gen:Variant.Zusy.82347 | 11.2016-15-02_2
G Data | Gen:Variant.Zusy.82347 | 16.2.24
IKARUS anti.virus | Virus.Worm.Pakes | t3scan.1.6.1.0
K7 AntiVirus | Trojan | 13.176.11684
Kaspersky | Trojan.Win32.Inject | 14.0.0.656
Malwarebytes | Trojan.MSIL | v2016.02.15.07
McAfee | RDN/Generic.dx!cz3 | 5600.6488
Microsoft Security Essentials | Trojan:MSIL/Splori.A | 1.10401
MicroWorld eScan | Gen:Variant.Zusy.82347 | 17.0.0.138
NANO AntiVirus | Trojan.Win32.Inject.ctwfob | 0.28.0.59048
Norman | Troj_Generic.SQLOF | 11.20160215
Panda Antivirus | Trj/CI.A | 16.02.15.07
Qihoo 360 Security | Win32/Trojan.88c | 1.0.0.1015
Quick Heal | Trojan.Splori | 2.16.12.00
Sophos | Mal/Generic-S | 4.98
Trend Micro House Call | TROJ_GEN.R0CBC0DBM14 | 7.2.46
Trend Micro | TROJ_GEN.R0CBC0DBM14 | 10.465.15
VIPRE Antivirus | Trojan.Win32.Generic | 28115

File size:
322.5 KB (330,240 bytes)

File type:
Executable application (Win32 EXE)

Language:
Polish (Poland)

Common path:
C:\users\{user}\appdata\roaming\adobe\printbrmps.exe

File PE Metadata
Compilation timestamp:
2/5/2014 2:00:16 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:6MJ7OMkIf2emPpJqgTs6vjouGy3K7tcRdehh1+IzOSJ:vkIf25JtsOouL3K7GshD5zt

Entry address:
0x521BE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 02, 00, 10, 00, 00, 00, 20, 00, 00, 80, 18, 00, 00, 00, 38, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 01, 00, 00, 00, 50, 00, 00, 80, 00, 00, 00, 00, 00, 00...

Entropy:
7.9024

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
320.5 KB (328,192 bytes)
