sbox_22c97886.exe

The executable sbox_22c97886.exe has been detected as malware by 26 anti-virus scanners.
MD5:
494a91cce9bee5cebd660b0b950dc155

SHA-1:
3045217f164b6b28a2fcd51bd5835189ca4a62f3

SHA-256:
e595dd8ea9b9acd7f8ca09fb2c4f3b009cd938c3bcac09cefe468ab1f4a380d2

Scanner detections:
26 / 68

Status:
Malware

Analysis date:
4/26/2024 3:22:10 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | DeepScan:Generic.Malware.dld!!.08A8D2DD | 617 |
| AhnLab V3 Security | Trojan/Win32.Upatre | 2015.05.22 |
| Avira AntiVirus | TR/Crypt.ZPACK.Gen2 | 8.3.1.6 |
| avast! | Sf:Crypt-IL [Trj] | 2014.9-150528 |
| AVG | Win32/Heur.dropper | 2016.0.3095 |
| Bitdefender | DeepScan:Generic.Malware.dld!!.08A8D2DD | 1.0.20.740 |
| Dr.Web | Trojan.Siggen6.36359 | 9.0.1.0148 |
| Emsisoft Anti-Malware | DeepScan:Generic.Malware.dld!!.08A8D2DD | 8.15.05.28.06 |
| ESET NOD32 | Win32/TrojanDownloader.Waski (variant) | 9.11664 |
| Fortinet FortiGate | W32/Kryptik.DASL!tr | 5/28/2015 |
| F-Secure | DeepScan:Generic.Malware.dld!!.08A8D2DD | 11.2015-28-05_5 |
| G Data | DeepScan:Generic.Malware.dld!!.08A8D2DD | 15.5.25 |
| IKARUS anti.virus | Trojan-Downloader.Win32.Waski | t3scan.1.8.9.0 |
| Kaspersky | Trojan-Downloader.Win32.Upatre | 14.0.0.1971 |
| Malwarebytes | Trojan.Downloader | v2015.05.28.06 |
| McAfee | Upatre-FABV!494A91CCE9BE | 5600.6751 |
| Microsoft Security Essentials | TrojanDownloader:Win32/Upatre.BI | 1.1.11701.0 |
| MicroWorld eScan | DeepScan:Generic.Malware.dld!!.08A8D2DD | 16.0.0.444 |
| NANO AntiVirus | Trojan.Win32.Siggen6.drpvpj | 0.30.24.1636 |
| Panda Antivirus | Trj/Genetic.gen | 15.05.28.06 |
| Rising Antivirus | PE:Malware.XPACK-LNR/Heur!1.5594 | 23.00.65.15526 |
| Sophos | Mal/Generic-S | 4.98 |
| Trend Micro House Call | TROJ_GEN.R08OC0PEI15 | 7.2.148 |
| Trend Micro | TROJ_GEN.R08OC0PEI15 | 10.465.28 |
| Vba32 AntiVirus | SScope.Malware-Cryptor.Hlux | 3.12.26.4 |
| VIPRE Antivirus | Trojan.Win32.Generic | 40436 |

File size:
5 KB (5,120 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\sbox_22c97886.exe

File PE Metadata
OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

CTPH (ssdeep):
96:Zt7Dep0gHkCVbFiX4n4+qwKxGj4+X/aXRaN:37EMmBhqwKo3Pt

Entry address:
0x127A

Entry point:
E8, 00, 00, 00, 00, 58, 83, EC, 64, 8B, EC, 66, 25, 00, F0, 81, C4, 7C, FF, FF, FF, 6A, 06, 59, 50, 8D, 45, 14, 5E, 8B, F8, 8B, DE, 33, C0, 66, AD, 03, C3, AB, E2, F7, 8B, C1, 89, 45, 10, 89, 4D, D4, 89, 45, 0C, 89, 4D, EC, B8, 04, 00, 00, 00, 6A, 04, 68, 00, 10, 00, 00, 68, 00, 00, AA, 00, 51, FF, 93, 28, 11, 00, 00, B9, 80, 84, 1E, 00, 89, 45, 00, 03, C1, 81, C1, E0, 06, 5A, 00, 89, 45, FC, 03, C1, B9, FF, 0F, 00, 00, 89, 45, 58, 8B, F8, 41, 8B, F1, 03, C1, 89, 45, 54, 03, C1, 03, C6, 89, 45, B4, 03, C1...
 

Entropy:
5.3255

Code size:
2.5 KB (2,560 bytes)
