» RefBoost.exe
Overview
Analysis
File Details

RefBoost.exe

RefBoostUpdater

The executable RefBoost.exe has been detected as malware by 17 anti-virus scanners.

File name:

RefBoost.exe

Product:

RefBoostUpdater

Version:

1.0.0.0

MD5:

a7bfbb54b07f20e24cad064ffc1aeb33

SHA-1:

d96e9e13b02810ad197168f21598c43f3304abe8

SHA-256:

69c8165c1d7934f5b85cf6dee07f0338ef84435229bed1343036889a53851273

Scanner detections:

17 / 68

Status:

Malware

Analysis date:

4/25/2024 4:29:29 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.Generic.11963813

834

Avira AntiVirus

TR/Dropper.MSIL.Gen

7.11.180.214

avast!

Win32:Malware-gen

2014.9-141023

AVG

MSIL5

2015.0.3312

Baidu Antivirus

Hacktool.MSIL.Confuser

4.0.3.141023

Bitdefender

Trojan.Generic.11963813

1.0.20.1480

Comodo Security

UnclassifiedMalware

19883

Emsisoft Anti-Malware

Trojan.Generic.11963813

8.14.10.23.09

ESET NOD32

MSIL/Packed.Confuser (variant)

8.10608

F-Secure

Trojan.Generic.11963813

11.2014-23-10_5

G Data

Trojan.Generic.11963813

14.10.24

McAfee

Artemis!A7BFBB54B07F

5600.6968

MicroWorld eScan

Trojan.Generic.11963813

15.0.0.888

nProtect

Trojan.Generic.11963813

14.10.23.01

Qihoo 360 Security

HEUR/Malware.QVM03.Gen

1.0.0.1015

Sophos

Generic PUA NJ

4.98

VIPRE Antivirus

Trojan.Win32.Generic

34176

File size:

209 KB (214,016 bytes)

Product version:

1.0.0.0

Original file name:

RefBoost.exe

File type:

Executable application (Win32 EXE)

File PE Metadata

Compilation timestamp:

10/13/2014 6:58:07 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

6144:Wi6MavcR04RS1C2YCFP0dT3Y0tKc4pz8:WikWFRSlYKw3Y0tKc4B8

Entry address:

0x1D2AE

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

109 KB (111,616 bytes)

Remove RefBoost.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.