home

setool2g.exe

MD5:
4d64cc38a5342b4d863df7f9689af39d

SHA-1:
70433bfc48a410d1df7987424b1da87779bf9a20

Scanner detections:
7 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/24/2024 8:02:13 AM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
TR/Crypt.XPACK.Gen
7.11.138.230

AVG
Win32/Heur
2015.0.3524

Bkav FE
HW32.CDB
1.3.0.4959

Dr.Web
Trojan.Inject
9.0.1.085

K7 AntiVirus
Trojan
13.176.11554

Panda Antivirus
Suspicious file
14.03.26.06

Rising Antivirus
PE:Malware.Packed!1.9C4E
23.00.65.14324

File size:
3.7 MB (3,930,624 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\documents and settings\fdtg\bureau\gpg\v1.1406\setool2g.exe

File PE Metadata
Compilation timestamp:
3/15/2014 10:43:34 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:yruEE/E/pNxUXJdNb0eqhPU6jIghAA3b2v:yruEo0bxodm6S

Entry address:
0x5CD000

Entry point:
81, EC, 04, 00, 00, 00, 89, 0C, 24, 89, E1, 81, C1, 04, 00, 00, 00, 83, E9, 04, 87, 0C, 24, 5C, 68, 70, 55, 00, 00, 89, 04, 24, 83, EC, 04, 89, 2C, 24, 89, 1C, 24, E8, 01, 00, 00, 00, CC, 8B, 04, 24, 53, 89, E3, 81, C3, 04, 00, 00, 00, 81, C3, 04, 00, 00, 00, 87, 1C, 24, 5C, 50, 81, 2C, 24, 10, 31, E7, 6C, 5B, 51, B9, BA, 64, 32, 32, 81, C1, 31, 0D, 3B, 41, 81, E9, 91, 56, 73, 41, F7, D1, C1, E9, 05, 81, E9, 15, FE, 88, 99, 01, CB, 59, 96, 83, C6, 01, 96, 57, BF, 99, 7F, F2, 47, 81, F7, 99, 0F, F8, 47, 05...
 
[+]

Code size:
1.8 MB (1,901,056 bytes)

Scan setool2g.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.