» s9-new.exe
Overview
Analysis
File Details
Downloads (1)

s9-new.exe

File name:

s9-new.exe

MD5:

c783de25f715974652cdee3d61528fd3

SHA-1:

84164e264b1e7135e17c0a37d4ef5ab2ed19e69f

SHA-256:

9cb99ce7332f29287960fd3daa2ab59c47a044a72aa50c5a7db05d6fd6580aff

Scanner detections:

8 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

4/19/2024 10:32:18 AM UTC (today)

Scan engine

Detection

Engine version

Bitdefender

Gen:Trojan.Heur.euZ@rvQAZCiGy

1.0.20.745

Emsisoft Anti-Malware

Gen.Trojan!IK

8.15.05.29.04

F-Secure

Gen:Trojan.Heur.euZ@rvQAZCiGy

11.2015-29-05_6

G Data

Gen:Trojan.Heur.euZ@rvQAZCiGy

15.5.22

IKARUS anti.virus

Gen.Trojan

t3scan.1.1.107.0

Quick Heal

(Suspicious) - DNAScan

5.15.11.00

Trend Micro House Call

PAK_Generic.001

7.2.149

Trend Micro

PAK_Generic.001

10.465.29

File size:

78.8 KB (80,647 bytes)

File type:

Executable application (Win32 EXE)

File PE Metadata

Compilation timestamp:

3/22/2003 8:37:00 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

7.0

CTPH (ssdeep):

768:3IZU9BfjgUU7XkGwOTyOpEPH6Xq1ZUtkvPyt8BeBRKHFZsE:3IucB5wspWcgH3

Entry address:

0xF70156

Entry point:

E9, A6, 00, 00, 00, D6, 1C, 37, 01, 78, 00, 37, 01, 7C, 00, 37, 01, 00, 00, 00, 00, D6, AC, 00, 00, 18, 02, 37, 01, 4E, 65, 6F, 4C, 69, 74, 65, 20, 45, 78, 65, 63, 75, 74, 61, 62, 6C, 65, 20, 46, 69, 6C, 65, 20, 43, 6F, 6D, 70, 72, 65, 73, 73, 6F, 72, 0D, 0A, 43, 6F, 70, 79, 72, 69, 67, 68, 74, 20, 28, 63, 29, 20, 31, 39, 39, 38, 2C, 31, 39, 39, 39, 20, 4E, 65, 6F, 57, 6F, 72, 78, 20, 49, 6E, 63, 0D, 0A, 50, 6F, 72, 74, 69, 6F, 6E, 73, 20, 43, 6F, 70, 79, 72, 69, 67, 68, 74, 20, 28, 63, 29, 20, 31, 39, 39... 
[+]

Entropy:

6.5053

Packer / compiler:

NeoLite v2.0

Code size:

32 KB (32,768 bytes)

The file s9-new.exe has been seen being distributed by the following URL.

http://blogattach.naver.net/2cb9308394cdc8143addbd86b4512c53f5a152bc57/data26/2007/12/8/.../s9-new.exe

Scan s9-new.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.