servicos_notas_br_autentica_nfiscal_elet.exe

Live Secure o

Live Secure

The executable servicos_notas_br_autentica_nfiscal_elet.exe has been detected as malware by 19 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from www.sugarsync.com.
Publisher: Live Secure
Product: Live Secure o
Description: Live Secure a
Version: 1.2.0.0
MD5: 1b4c7006cbdfa25c65fe8a4a05908849
SHA-1: d87a0d341ea5099a854a1da8c8674092ed9aff15
SHA-256: ff7e552d7d9300a806a07e17a2a383c8712dff1ff3b76027b0588c1ecc67e4df
Scanner detections: 19 / 68
Status: Malware
Analysis date: 10/19/2018 8:30:49 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Symmi.61752 | 184 |
| Avira AntiVirus | TR/Proxy.zgvk | 8.3.3.4 |
| Arcabit | Trojan.Symmi.DF138 | 1.0.0.669 |
| avast! | Win32:Malware-gen | 2014.9-160803 |
| Bitdefender | Gen:Variant.Symmi.61752 | 1.0.20.1080 |
| Emsisoft Anti-Malware | Gen:Variant.Symmi.61752 | 8.16.08.03.12 |
| ESET NOD32 | Win32/TrojanDownloader.Banload.WPJ (variant) | 10.13349 |
| Fortinet FortiGate | W32/Banload.VYA!tr.dldr | 8/3/2016 |
| G Data | Gen:Variant.Symmi.61752 | 16.8.25 |
| IKARUS anti.virus | Trojan-Downloader.Win32.Banload | t3scan.2.0.9.0 |
| K7 AntiVirus | Trojan-Downloader | 13.221.19328 |
| Kaspersky | Trojan.Win32.Scar | 14.0.0.-193 |
| McAfee | Artemis!1B4C7006CBDF | 5600.6318 |
| MicroWorld eScan | Gen:Variant.Symmi.61752 | 17.0.0.648 |
| NANO AntiVirus | Trojan.Win32.Banload.ebofhg | 1.0.30.7834 |
| Panda Antivirus | Generic Malware | 16.08.03.12 |
| Qihoo 360 Security | HEUR/QVM05.1.0000.Malware.Gen | 1.0.0.1120 |
| Sophos | Mal/Generic-S | 4.98 |
| VIPRE Antivirus | Trojan.Win32.Generic | 48714 |

File size: 3.2 MB (3,337,728 bytes)
Product version: 1.0.0.0
Copyright: Live Secure t
Trademarks: Live Secure j
Original file name: Live Secure l
File type: Executable application (Win32 EXE)
Language: English (United States)
Common path: C:\users\{user}\downloads\servicos_notas_br_autentica_nfiscal_elet.exe

File PE Metadata
Compilation timestamp: 3/31/2016 8:01:58 AM
OS version: 5.0
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 2.25
CTPH (ssdeep): 49152:ZmoJvnNgma+CjkSX/yzQwaaBWuZMdTpd098MF:ZmolnNm9KBeuZMi
Entry address: 0x27A098
Entry point: 55, 8B, EC, 83, C4, F0, B8, E4, DB, 66, 00, E8, B8, 52, D9, FF, A1, 7C, 6A, 68, 00, 8B, 00, E8, 2C, BB, F5, FF, 68, 2C, A1, 67, 00, 6A, 00, E8, 64, 8F, D9, FF, 85, C0, 75, 57, A1, 7C, 6A, 68, 00, 8B, 00, C6, 40, 6F, 00, A1, 7C, 6A, 68, 00, 8B, 00, B2, 01, E8, 23, D8, F5, FF, 8B, 0D, 7C, 67, 68, 00, A1, 7C, 6A, 68, 00, 8B, 00, 8B, 15, F4, BE, 66, 00, E8, 03, BB, F5, FF, 8B, 0D, D4, 67, 68, 00, A1, 7C, 6A, 68, 00, 8B, 00, 8B, 15, A8, B2, 66, 00, E8, EB, BA, F5, FF, A1, 7C, 6A, 68, 00, 8B, 00, E8, 3B, BC, F5...
 

Developed / compiled with: Microsoft Visual C++
Code size: 2.5 MB (2,592,256 bytes)

The file servicos_notas_br_autentica_nfiscal_elet.exe has been seen being distributed by the following URL.
