Stealer.exe

Slwestr

The executable Stealer.exe has been detected as malware by 31 anti-virus scanners.
Publisher:
Slwestr

Product:
Slwestr

Version:
4.05.0002

MD5:
1a6b8b947017dca2e049d785735cc0ce

SHA-1:
5371122c74d00e55e979fb53e5467d8e4af531c7

SHA-256:
e6f54bf6963689acc6713124e8ab4015b315e8f020badce4e8046559dcc5bcf3

Scanner detections:
31 / 68

Status:
Malware

Analysis date:
5/10/2024 9:14:33 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Symmi.14033 | 896 |
| Agnitum Outpost | Worm.VBNA | 7.1.1 |
| Avira AntiVirus | KIT/Ste.ap.181344 | 7.11.166.208 |
| avast! | Win32:PSWtool-N [PUP] | 2014.9-140822 |
| AVG | Worm/Generic_vb | 2015.0.3374 |
| Baidu Antivirus | Worm.Win32.Changeup | 4.0.3.14822 |
| Bitdefender | Gen:Variant.Symmi.14033 | 1.0.20.1170 |
| Comodo Security | UnclassifiedMalware | 19168 |
| Dr.Web | Trojan.PWS.Siggen1.10189 | 9.0.1.0234 |
| Emsisoft Anti-Malware | Gen:Variant.Symmi.14033 | 8.14.08.22.05 |
| ESET NOD32 | Win32/Injector.BJGD (variant) | 8.10242 |
| Fortinet FortiGate | W32/VBObfus.C!tr | 8/22/2014 |
| F-Prot | W32/VBTrojan.19D | v6.4.7.1.166 |
| F-Secure | Gen:Variant.Symmi.14033 | 11.2014-22-08_6 |
| G Data | Gen:Variant.Symmi.14033 | 14.8.24 |
| IKARUS anti.virus | Gen.Application.Heur | t3scan.1.6.1.0 |
| K7 AntiVirus | Password-Stealer | 13.183.13029 |
| Kaspersky | Worm.Win32.VBNA | 14.0.0.3366 |
| Malwarebytes | Spyware.AAV.Builder | v2014.08.22.05 |
| McAfee | Artemis!1A6B8B947017 | 5600.7030 |
| Microsoft Security Essentials | VirTool:Win32/VBInject.gen!DG | 1.10802 |
| MicroWorld eScan | Gen:Variant.Symmi.14033 | 15.0.0.702 |
| NANO AntiVirus | Riskware.Win32.PassView.cwvbmx | 0.28.2.61519 |
| Qihoo 360 Security | Win32/Trojan.da8 | 1.0.0.1015 |
| Quick Heal | Worm.VB.g3 | 8.14.14.00 |
| Sophos | Messen | 4.98 |
| Total Defense | Win32/VBInject.C!generic | 37.0.11115 |
| Trend Micro House Call | TROJ_SPNR.14C414 | 7.2.234 |
| Trend Micro | TROJ_SPNR.14C414 | 10.465.22 |
| Vba32 AntiVirus | Trojan.VB.FlyCryptor | 3.12.26.3 |
| VIPRE Antivirus | Trojan.Win32.Generic | 32150 |

File size:
2.3 MB (2,387,968 bytes)

Product version:
4.05.0002

Copyright:
Slwestr

Trademarks:
Slwestr

Original file name:
Stealer.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

File PE Metadata
Compilation timestamp:
9/5/2013 9:17:48 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
49152:k8UP3i+siRR/R1RRLIxRuRRdRRRRRRRYRRRORRaRwRCeVRjRF/XRHRRRnRRRRHR+:BUP3i+siRR/R1RRLIxRuRRdRRRRRRRYi

Entry address:
0x11DC

Entry point:
68, 54, F1, 4F, 00, E8, EE, FF, FF, FF, 00, 00, 48, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 38, 00, 00, 00, AD, FC, 0E, B1, D9, 79, B6, 46, B0, C7, E5, 53, C3, BC, 1C, 27, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 73, 61, 62, 6C, 65, 64, 53, 6C, 77, 65, 73, 74, 72, 00, 53, 6C, 77, 65, 73, 74, 72, 00, 00, 61, 62, 6C, 65, 64, 43, 6F, B8, 00, 00, 00, 90, 00, 00, 00, 00, 00, 00, 00, 02, 00, 00, 00, 09, 00, 00, 00, D7, 69, 7A, A0, 37, 0F, 03, 4B, B3, 14, 27, 27, AC, DC, 5A, 85, 01, 00, 00, 00, 98, 00, 00, 00...

Entropy:
6.5890

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
1.2 MB (1,282,048 bytes)
