» setupgtav.exe
Overview
Analysis
File Details

setupgtav.exe

The executable setupgtav.exe has been detected as malware by 29 anti-virus scanners.

File name:

setupgtav.exe

Version:

3, 3, 8, 1

MD5:

a146e3bd680bbbd116c46f394eaa2279

SHA-1:

4f1eabbdfb765a2361b265a40fdce5044a090448

SHA-256:

2dabff7ae5b77dbd17d15eec6139bfca1485abeae4e311ad03f78de48a24be70

Scanner detections:

29 / 68

Status:

Malware

Analysis date:

4/25/2024 11:32:14 PM UTC (a few moments ago)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.Backdoor.PPM

930

AhnLab V3 Security

Dropper/Win32.Injector

2014.07.10

Avira AntiVirus

TR/Dropper.Gen

7.11.159.224

AVG

Generic9_c

2015.0.3408

Baidu Antivirus

Backdoor.Win32.DarkKomet

4.0.3.14720

Bitdefender

Trojan.Backdoor.PPM

1.0.20.1005

Comodo Security

UnclassifiedMalware

18831

Dr.Web

BackDoor.Siggen.55746

9.0.1.0201

Emsisoft Anti-Malware

Trojan.Backdoor.PPM

8.14.07.20.11

ESET NOD32

Win32/Fynloski.AA

8.10075

Fortinet FortiGate

W32/DarkKomet.AZZB!tr.bdr

7/20/2014

G Data

Trojan.Backdoor.PPM

14.7.24

IKARUS anti.virus

Backdoor.Win32.Fynloski

t3scan.1.6.1.0

K7 AntiVirus

Trojan

13.180.12683

Kaspersky

Backdoor.Win32.DarkKomet

14.0.0.3533

McAfee

PWS-FBUF!A146E3BD680B

5600.7064

Microsoft Security Essentials

Backdoor:Win32/Fynloski.A

1.10701

MicroWorld eScan

Trojan.Backdoor.PPM

15.0.0.603

Norman

Suspicious_Gen4.EWZSV

11.20140720

Panda Antivirus

Trj/CI.A

14.07.20.11

Qihoo 360 Security

HEUR/Malware.QVM10.Gen

1.0.0.1015

Quick Heal

Backdoor.Fynloski.g4

7.14.14.00

Sophos

Troj/HkAutoIt-C

4.98

Total Defense

Win32/Fynloski.KFYbZGD

37.0.11050

Trend Micro House Call

TROJ_SPNR.15JA13

7.2.201

Trend Micro

TROJ_SPNR.35JA13

10.465.20

Vba32 AntiVirus

Backdoor.DarkKomet

3.12.26.3

VIPRE Antivirus

Trojan.Win32.Generic

31144

ViRobot

Backdoor.Win32.A.DarkKomet.1566968

2011.4.7.4223

File size:

1.5 MB (1,566,968 bytes)

File type:

Executable application (Win32 EXE)

Language:

English

Common path:

C:\users\{user}\downloads\programs\setupgtav.exe

File PE Metadata

Compilation timestamp:

1/29/2012 10:32:28 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

24576:4RmJkcoQricOIQxiZY1iaUdan6KOnh3kw6HMdUxzE/vSjGyhbFbz:9JZoQrbTFZY1iaUdMOGsSqvAGyhblz

Entry address:

0x165C1

Entry point:

E8, 16, 90, 00, 00, E9, 89, FE, FF, FF, CC, CC, CC, CC, CC, 55, 8B, EC, 57, 56, 8B, 75, 0C, 8B, 4D, 10, 8B, 7D, 08, 8B, C1, 8B, D1, 03, C6, 3B, FE, 76, 08, 3B, F8, 0F, 82, A0, 01, 00, 00, 81, F9, 80, 00, 00, 00, 72, 1C, 83, 3D, 24, 97, 4A, 00, 00, 74, 13, 57, 56, 83, E7, 0F, 83, E6, 0F, 3B, FE, 5E, 5F, 75, 05, E9, DD, 03, 00, 00, F7, C7, 03, 00, 00, 00, 75, 14, C1, E9, 02, 83, E2, 03, 83, F9, 08, 72, 29, F3, A5, FF, 24, 95, 40, 67, 41, 00, 8B, C7, BA, 03, 00, 00, 00, 83, E9, 04, 72, 0C, 83, E0, 03, 03, C8... 
[+]

Code size:

514 KB (526,336 bytes)

Remove setupgtav.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.