» skype password cracker v9.02 2014.exe
Overview
Analysis
File Details
Downloads (2)

skype password cracker v9.02 2014.exe

Windows Internet Explorer

While the file properties state the file is developed by 'Microsoft Corporation', this is not the case and it is designed just to look like a legitimate Microsoft system file. The executable skype password cracker v9.02 2014.exe, “Auto-extracteur de fichier CAB Win32 ” has been detected as malware by 12 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from dc343.4shared.com and multiple other hosts.

File name:

Publisher:

Microsoft Corporation* (Invalid match)

Product:

Windows® Internet Explorer

Description:

Auto-extracteur de fichier CAB Win32

Version:

9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)

MD5:

548a69a0218905d55d6a26c82acee576

SHA-1:

100981d5a55cb1678d4edbfc2f13eb7346da873e

SHA-256:

202876b773a65b0b2cc4789f0af28e2cd45904f887a383204af36e6bc13e540c

Scanner detections:

12 / 68

Status:

Malware

Analysis date:

4/26/2024 6:39:24 PM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

Trojan.Fsysna

7.1.1

Avira AntiVirus

TR/Dropper.MSIL.Gen

7.11.135.34

avast!

Win32:Malware-gen

2014.9-140529

Baidu Antivirus

Trojan.Win32.Fsysna

4.0.3.14529

Comodo Security

UnclassifiedMalware

17893

ESET NOD32

MSIL/Packed.SmartAssembly (variant)

8.9507

Fortinet FortiGate

W32/Fsysna.OOJ!tr

5/29/2014

G Data

Win32.Trojan.Agent.UW1P3B

14.5.24

IKARUS anti.virus

Trojan-Dropper.Agent

t3scan.2.2.29

Kaspersky

Trojan.Win32.Fsysna

14.0.0.3793

Qihoo 360 Security

HEUR/Malware.QVM06.Gen

1.0.0.1015

Trend Micro House Call

TROJ_GE.3CA37932

7.2.149

File size:

800 KB (819,200 bytes)

Product version:

9.00.8112.16421

Original file name:

WEXTRACT.EXE .MUI

File type:

Executable application (Win32 EXE)

Language:

French (France)

Common path:

C:\users\{user}\downloads\skype password cracker v9.02 2014.exe

File PE Metadata

Compilation timestamp:

3/8/2011 1:46:37 PM

OS version:

6.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

12288:+/eDONZ5iy90LBEuaTN1cwUssj5AFZPnpdbM/ux:tOf5iykXaTjnFZPs/u

Entry address:

0x6B42

Entry point:

E8, 5D, 07, 00, 00, E9, 4D, FD, FF, FF, CC, CC, CC, CC, CC, 3B, 0D, C4, C2, 00, 01, 75, 03, C2, 00, 00, E9, D9, 07, 00, 00, CC, CC, CC, CC, CC, FF, 25, 7C, 12, 00, 01, CC, CC, CC, CC, CC, CC, FF, 25, 78, 12, 00, 01, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 81, EC, D0, 02, 00, 00, A1, C4, C2, 00, 01, 33, C5, 89, 45, FC, 89, 85, E0, FD, FF, FF, 89, 8D, DC, FD, FF, FF, 89, 95, D8, FD, FF, FF, 89, 9D, D4, FD, FF, FF, 89, B5, D0, FD, FF, FF, 89, BD, CC, FD, FF, FF, 66, 8C, 95, F8, FD, FF, FF, 66, 8C, 8D, EC, FD... 
[+]

Code size:

43.5 KB (44,544 bytes)

The file skype password cracker v9.02 2014.exe has been seen being distributed by the following 2 URLs.

http://dc343.4shared.com/download/.../Skype_Password_Cracker_v902_20.exe

http://dc732.4shared.com/download/.../Skype_Password_Cracker_v902_20.exe

Remove skype password cracker v9.02 2014.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.