ROUT95.EXE

ZYX

The executable ROUT95.EXE has been detected as malware by 14 anti-virus scanners.
Publisher: ZYX
Version: 1, 0, 0, 1
MD5: c1e7781a0129bd570f62b18f60fed5e8
SHA-1: 2907f63462f6402fcf3e46df2de63a2e6297b88c
SHA-256: ea196b5c08ee58ebf4437e88c8eb7316e5b0d178f1c0961b15ec5e1ab5289e6d
Scanner detections: 14 / 68
Status: Malware
Analysis date: 4/24/2024 3:12:09 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Agnitum Outpost | Trojan.Agent2 | 7.1.1 |
| AhnLab V3 Security | Win-Trojan/Flashkiller.241152 | 2015.03.01 |
| AVG | Generic17 | 2016.0.2913 |
| Comodo Security | UnclassifiedMalware | 21245 |
| Kaspersky | UDS:DangerousObject.Multi.Generic | 14.0.0.1061 |
| McAfee | Artemis!C1E7781A0129 | 5600.6569 |
| NANO AntiVirus | Trojan.Win32.Gendal.cxlbfn | 0.30.0.296 |
| Norman | Suspicious_Gen2.CSAHH | 11.20151126 |
| nProtect | Trojan/W32.Agent.241152.Q | 15.02.27.01 |
| Panda Antivirus | Trj/CI.A | 15.11.26.07 |
| Qihoo 360 Security | Win32/Trojan.PWS.64b | 1.0.0.1015 |
| Sophos | Mal/Generic-S | 4.98 |
| VIPRE Antivirus | Trojan.Win32.Generic | 38002 |
| Zillya! Antivirus | Trojan.Agent.Win32.178246 | 2.0.0.2085 |

File size: 235.5 KB (241,152 bytes)
Product version: 1, 0, 1, 1
Copyright: Copyright (C) ZYX 1996
Original file name: ROUT95.EXE
File type: Executable application (Win32 EXE)
Language: English (United States)

File PE Metadata
Compilation timestamp: 2/13/1997 3:54:48 PM
OS version: 4.0
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 4.20
CTPH (ssdeep): 6144:bf89rYNe8NJhtVYTHevDlWC/KzmnNRMu:borYVvYCvcC/KyLd
Entry address: 0x147D0
Entry point: 64, A1, 00, 00, 00, 00, 55, 8B, EC, 6A, FF, 68, 68, BF, 42, 00, 68, B4, 82, 41, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 60, 53, 56, 57, 89, 65, E8, FF, 15, 10, 67, 43, 00, A3, F4, 0C, 43, 00, 33, C0, A0, F5, 0C, 43, 00, A3, 00, 0D, 43, 00, A1, F4, 0C, 43, 00, C1, 2D, F4, 0C, 43, 00, 10, 25, FF, 00, 00, 00, A3, FC, 0C, 43, 00, C1, E0, 08, 03, 05, 00, 0D, 43, 00, A3, F8, 0C, 43, 00, E8, 3A, 3A, 00, 00, 85, C0, 75, 0A, 6A, 1C, E8, 3F, 01, 00, 00, 83, C4, 04, E8, D7, 22, 00, 00, 85, C0, 75, 0A, 6A, 10, E8...
 

Developed / compiled with: Microsoft Visual C++ v4.2
Code size: 162 KB (165,888 bytes)
