» sagolati.exe_aqt{e858a580-2eb3-4802-8d20-8271e1a4d707}
Overview
Analysis
File Details

sagolati.exe_aqt{e858a580-2eb3-4802-8d20-8271e1a4d707}

Mehuc Lole 23 Samaduceb

Nenuteninup

The file sagolati.exe_aqt{e858a580-2eb3-4802-8d20-8271e1a4d707} has been detected as a potentially unwanted program by 2 anti-malware scanners.

File name:

Publisher:

Nenuteninup

Product:

Mehuc Lole 23 Samaduceb

Description:

Labe

Version:

3.7.41.63

MD5:

8b0bb46ccb482119e85d3fdd645b48cd

SHA-1:

ee49fb83673efc9ae70f86e048769abd0e5b9ddd

SHA-256:

aaf2aa2ea56040b989be909521ee9a785cf33f0393b6f81b94cd3a789b08276f

Scanner detections:

2 / 68

Status:

Potentially unwanted

Analysis date:

4/23/2024 7:24:54 AM UTC (today)

Scan engine

Detection

Engine version

ESET NOD32

Win32/DealPly.JB.gen potentially unwanted application

6.3.12010.0

Reason Heuristics

PUP.NewMedia.ICDP (M)

17.3.16.13

File size:

629.5 KB (644,608 bytes)

Product version:

3.4.8.15

Original file name:

kagu.exe

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\sagolati.exe_aqt{e858a580-2eb3-4802-8d20-8271e1a4d707}

File PE Metadata

Compilation timestamp:

6/19/1992 5:22:17 PM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

Entry address:

0x938BC

Entry point:

55, 8B, EC, 83, C4, F4, B8, 84, 37, 49, 00, E8, 38, 26, F7, FF, A1, EC, 4B, 49, 00, 8B, 00, E8, 94, 9E, FA, FF, 8B, 0D, D8, 4B, 49, 00, A1, EC, 4B, 49, 00, 8B, 00, 8B, 15, 08, EE, 43, 00, E8, 94, 9E, FA, FF, A1, EC, 4B, 49, 00, 8B, 00, E8, 08, 9F, FA, FF, E8, BB, FE, F6, FF, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

6.9336

Developed / compiled with:

Microsoft Visual C++

Code size:

586.5 KB (600,576 bytes)

Remove sagolati.exe_aqt{e858a580-2eb3-4802-8d20-8271e1a4d707} - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.