runouc.exe

Scan runouc.exe - Powered by Reason Core Security
MD5:
3952f9ad70a78f433b51cfc283a87fa3

SHA-1:
fe5ef1bc39f8859ac0fecca704feca39f8345617

SHA-256:
c79ddea67277353b9e1b81cf54931c195676140139f32d9233444bb19eb1725c

Scanner detections:
3 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
12/4/2016 3:28:39 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Antiy Labs AVL | Trojan/Win32.FraudPack | 1.0.0.1 |
| avast! | Win32:WrongInf-A [Susp] | 2014.9-140610 |
| Jiangmin | Trojan/FraudPack.ahcg | KV140610 |

File size:
169 KB (173,056 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\megafon_c209\updatedog\runouc.exe

File PE Metadata
Compilation timestamp:
6/2/2011 4:47:49 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
2.56

CTPH (ssdeep):
3072:dthUCxXOSrGRt8XjNRQKRo/Ws3Fss0IrE/uSAyW2nAJP37dwUO2vo3:dBqmbLo/1Vss0IrE/jn+BrdwUO2vo

Entry address:
0x1280

Entry point:
55, 89, E5, 83, EC, 08, C7, 04, 24, 01, 00, 00, 00, FF, 15, 1C, C4, 42, 00, E8, B8, FE, FF, FF, 90, 8D, B4, 26, 00, 00, 00, 00, 55, 89, E5, 83, EC, 08, C7, 04, 24, 02, 00, 00, 00, FF, 15, 1C, C4, 42, 00, E8, 98, FE, FF, FF, 90, 8D, B4, 26, 00, 00, 00, 00, 55, 8B, 0D, 34, C4, 42, 00, 89, E5, 5D, FF, E1, 8D, 74, 26, 00, 55, 8B, 0D, 28, C4, 42, 00, 89, E5, 5D, FF, E1, 90, 90, 90, 90, 55, 89, E5, 83, EC, 18, C7, 04, 24, D4, 42, 42, 00, E8, 46, 0D, 01, 00, 52, 85, C0, 74, 65, C7, 44, 24, 04, E7, 42, 42, 00, 89...
 

Packer / compiler:
MingWin32 - Dev C++ v4.x (h)

Code size:
117 KB (119,808 bytes)
