rdos.exe

The application rdos.exe has been detected as a potentially unwanted program by 39 anti-malware scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from mega.nz and multiple other hosts.
MD5: ddd822d85f905d0c62367e95e9c52530

SHA-1: 51144cd598dafa90ae11c808ecda599c0a40d859

SHA-256: f7f4e3b335a56e9334681f82da4f0170d2d633588008d022045885e26dd8c057

Scanner detections: 39 / 68

Status: Potentially unwanted

Analysis date: 4/19/2024 2:46:20 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Trojan.Generic.6518014 | 1042 |
| Agnitum Outpost | Trojan.DDoS.Small | 7.1.1 |
| AhnLab V3 Security | Win-Trojan/Rixdos.22748 | 14.03.30 |
| Avira AntiVirus | TR/Htool.WEZ | 7.11.140.10 |
| avast! | Win32:DDoS-K [Tool] | 2014.9-140330 |
| AVG | Generic20 | 2015.0.3520 |
| Baidu Antivirus | Trojan.Win32.DDOS | 4.0.3.14330 |
| Bitdefender | Trojan.Generic.6518014 | 1.0.20.445 |
| Bkav FE | W32.Clod94f.Trojan | 1.3.0.4959 |
| Comodo Security | TrojWare.Win32.Agent.~TK | 18011 |
| Dr.Web | DDoS.5724 | 9.0.1.089 |
| Emsisoft Anti-Malware | Trojan.Generic.6518014 | 8.14.03.30.07 |
| ESET NOD32 | Win32/HackTool.DosTool | 8.9610 |
| Fortinet FortiGate | Riskware/DDoS | 3/30/2014 |
| F-Prot | W32/Trojan4.AEMW | v6.4.7.1.166 |
| F-Secure | Trojan.Generic.6518014 | 11.2014-30-03_1 |
| G Data | Trojan.Generic.6518014 | 14.3.24 |
| IKARUS anti.virus | Trojan-DDoS.Win32.Small | t3scan.2.2.29 |
| K7 AntiVirus | Hacktool | 13.176.11595 |
| Kaspersky | Trojan-DDoS.Win32.Small | 14.0.0.4093 |
| Malwarebytes | HackTool.DOS | v2014.03.30.07 |
| McAfee | Generic.mb | 5600.7176 |
| Microsoft Security Essentials | DDoS:Win32/RixDos.A | 1.10401 |
| MicroWorld eScan | Trojan.Generic.6518014 | 15.0.0.267 |
| NANO AntiVirus | Trojan.Win32.Small.dlmme | 0.28.0.58720 |
| Norman | Hacktool.KKR | 11.20140330 |
| nProtect | Trojan/W32.DoS.22748 | 14.03.28.01 |
| Panda Antivirus | Generic Malware | 14.03.30.07 |
| Qihoo 360 Security | Adware/Win32.180solutions.BM | 1.0.0.1015 |
| Quick Heal | Trojan.Agent.WD.cw5 | 3.14.12.00 |
| Rising Antivirus | PE:Trojan.Win32.Generic.1238D4E4!305714404 | 23.00.65.14328 |
| Sophos | Troj/DDos-AO | 4.98 |
| Total Defense | Win32/Tnega.APCU | 37.0.10846 |
| Trend Micro House Call | HKTL_DDOS | 7.2.89 |
| Trend Micro | HKTL_DDOS | 10.465.30 |
| Vba32 AntiVirus | TrojanDDoS.Small | 3.12.24.3 |
| VIPRE Antivirus | Trojan.Win32.Generic | 27818 |
| ViRobot | Trojan.Win32.S.DDos-Agent.22748 | 2011.4.7.4223 |
| XVirus List | Win.Detected | 2.3.31 |

File size: 22.2 KB (22,748 bytes)

File type: Executable application (Win32 EXE)

File PE Metadata

Compilation timestamp: 6/29/2009 4:57:02 PM

OS version: 4.0

OS bitness: Win32

Subsystem: Windows Console

Linker version: 2.56

CTPH (ssdeep): 192:U4/aTd/GMGiGzsnX47i47CmFBaWi803On9gB/mPbyr89E85CN+:Ubd/BGiyeMiMCYab3O9C/Em49E88c

Entry address: 0x1280

Entry point: 55, 89, E5, 83, EC, 08, C7, 04, 24, 01, 00, 00, 00, FF, 15, 5C, 61, 46, 00, E8, B8, FE, FF, FF, 90, 8D, B4, 26, 00, 00, 00, 00, 55, 89, E5, 83, EC, 08, C7, 04, 24, 02, 00, 00, 00, FF, 15, 5C, 61, 46, 00, E8, 98, FE, FF, FF, 90, 8D, B4, 26, 00, 00, 00, 00, 55, 8B, 0D, 7C, 61, 46, 00, 89, E5, 5D, FF, E1, 8D, 74, 26, 00, 55, 8B, 0D, 70, 61, 46, 00, 89, E5, 5D, FF, E1, 90, 90, 90, 90, 55, 89, E5, 5D, E9, 5F, 06, 00, 00, 90, 90, 90, 90, 90, 90, 90, 55, 89, E5, 83, EC, 18, C7, 04, 24, 74, 00, 00, 00, E8, 6E, 09...

Packer / compiler: MingWin32 - Dev C++ v4.x (h)

Code size: 3.5 KB (3,584 bytes)

The file rdos.exe has been seen being distributed by the following 2 URLs.

https://mega.nz/temporary/.../tsoi0KSb
