» qof30ukh.f0s.exe
Overview
Analysis
File Details

qof30ukh.f0s.exe

often

account

The application qof30ukh.f0s.exe has been detected as a potentially unwanted program by 26 anti-malware scanners.

File name:

qof30ukh.f0s.exe

Publisher:

account

Product:

often

Version:

4.10.349.0

MD5:

4d1530d6f83005eaf0f2345d7c3c0b79

SHA-1:

e02e330598e1b8395c36cc8d02991602655c4457

SHA-256:

8e0778a707855e2b2dbe3266477d09851e9f3fecf872c22e5f20606919753db7

Scanner detections:

26 / 68

Status:

Potentially unwanted

Analysis date:

4/19/2024 3:31:51 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.GenericKD.1783261

873

AhnLab V3 Security

Adware/Win32.Cosstminn

2014.08.04

Avira AntiVirus

TR/Rogue.421888.7

7.11.165.30

avast!

Win32:Dropper-gen [Drp]

2014.9-140915

AVG

Generic5

2015.0.3351

Baidu Antivirus

Trojan.Win32.MultiPlug

4.0.3.14730

Bitdefender

Trojan.GenericKD.1783261

1.0.20.1290

Comodo Security

Application.Win32.MultiPlug.AWAW

19077

Dr.Web

Trojan.DownLoader11.24565

9.0.1.0258

Emsisoft Anti-Malware

Trojan.GenericKD.1783261

8.14.09.15.01

ESET NOD32

Win32/AdWare.MultiPlug.AW (variant)

8.10173

F-Secure

Trojan.GenericKD.1783261

11.2014-15-09_2

G Data

Trojan.GenericKD.1783261

14.9.24

Kaspersky

Trojan.Win32.Badur

14.0.0.3250

Malwarebytes

PUP.Optional.MultiPlug

v2014.07.30.12

McAfee

RDN/Generic PUP.x!ckp

5600.7007

MicroWorld eScan

Trojan.GenericKD.1783261

15.0.0.774

nProtect

Trojan.GenericKD.1783261

14.08.03.01

Panda Antivirus

Trj/CI.A

14.09.15.01

Qihoo 360 Security

Win32/Trojan.578

1.0.0.1015

Reason Heuristics

Threat.Win.Reputation.IMP

14.9.15.1

Sophos

Generic PUA LK

4.98

Trend Micro House Call

TROJ_SPNR.3AH414

7.2.258

Trend Micro

TROJ_SPNR.3AH414

10.465.15

Vba32 AntiVirus

suspected of Trojan.Downloader.gen.h

3.12.26.3

VIPRE Antivirus

Trojan.Win32.Generic

31900

File size:

413 KB (422,912 bytes)

Product version:

4.10

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\temp\qof30ukh.f0s.exe

File PE Metadata

Compilation timestamp:

7/29/2014 9:33:58 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

6144:A5KmzPIPUDtWn96fE8mBATH2yu2J1Jjl64003/p:TmE+A93ZBc1Jjl6400vp

Entry address:

0x1EEFE

Entry point:

E8, C6, 5F, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, 90, AD, 44, 00, E8, 0C, 33, 00, 00, E8, 0D, 24, 00, 00, 0F, B7, F0, 6A, 02, E8, 59, 5F, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, 8D, 3D, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8... 
[+]

Entropy:

6.1610

Code size:

236 KB (241,664 bytes)

Remove qof30ukh.f0s.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.