qpucxhoxhuik.exe

The executable qpucxhoxhuik.exe has been detected as malware by 11 anti-virus scanners. It runs as a Windows service named “Font Adaptive SNMP Link-Layer Hardware”.
MD5:
da4dcffa9a94174dfa07f0892c2f5303

SHA-1:
7ef7ef48e9f7e651c7dec18e1a3e9220c2bb2c7a

SHA-256:
7fcf413c741c084ba9370c57cf306be9cbb52cbb267a5d721f67ff6ff61fa652

Scanner detections:
11 / 68

Status:
Malware

Analysis date:
4/18/2024 9:30:11 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Trojan.Heur.TP.@qW@buVl4xi | 5691347 |
| Avira AntiVirus | TR/ATRAPS.Gen | 7.11.30.172 |
| avast! | Win32:Malware-gen | 160201-0 |
| Dr.Web | Trojan.DownLoader19.13725 | 9.0.1.05190 |
| Emsisoft Anti-Malware | Gen:Variant.Kazy.791077 | 10.0.0.5366 |
| ESET NOD32 | Win32/Bayrob.BK trojan | 7.0.302.0 |
| F-Secure | Variant.Kazy.791077 | 5.15.21 |
| Kaspersky | Trojan.Win32.Swizzor | 15.0.0.562 |
| McAfee | Trojan.Trojan-FHSY!DA4DCFFA9A94 | 18.0.204.0 |
| Norman | Gen:Variant.Kazy.791077 | 11.01.2016 17:30:26 |
| Sophos | Virus 'Mal/Bayrob-A' | 5.22 |

File size:
1010.5 KB (1,034,752 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\windows\qpucxhoxhuik.exe

File PE Metadata
Compilation timestamp:
10/30/2013 5:51:09 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:fcv1fm2xGVQRwz489XFwMu8+7BAe630WWnwsP6:fcE22z48hv5wAf30NnwD

Entry address:
0x8925C

Entry point:
E8, 43, 9C, 00, 00, E9, 89, FE, FF, FF, 57, 8B, C6, 83, E0, 0F, 85, C0, 0F, 85, C1, 00, 00, 00, 8B, D1, 83, E1, 7F, C1, EA, 07, 74, 65, EB, 06, 8D, 9B, 00, 00, 00, 00, 66, 0F, 6F, 06, 66, 0F, 6F, 4E, 10, 66, 0F, 6F, 56, 20, 66, 0F, 6F, 5E, 30, 66, 0F, 7F, 07, 66, 0F, 7F, 4F, 10, 66, 0F, 7F, 57, 20, 66, 0F, 7F, 5F, 30, 66, 0F, 6F, 66, 40, 66, 0F, 6F, 6E, 50, 66, 0F, 6F, 76, 60, 66, 0F, 6F, 7E, 70, 66, 0F, 7F, 67, 40, 66, 0F, 7F, 6F, 50, 66, 0F, 7F, 77, 60, 66, 0F, 7F, 7F, 70, 8D, B6, 80, 00, 00, 00, 8D, BF...
 

Entropy:
7.2251

Code size:
639 KB (654,336 bytes)

Service
Display name:
Font Adaptive SNMP Link-Layer Hardware

Type:
Win32OwnProcess, InteractiveProcess

