» stub.exe
Overview
Analysis
File Details

stub.exe

Client

The executable stub.exe has been detected as malware by 33 anti-virus scanners.

File name:

stub.exe

Product:

Client

Version:

1.0.0.0

MD5:

a9742d05ff0abc32d62fa6d737386699

SHA-1:

11852658f89ca154d831217df05667a27b0bcce9

SHA-256:

1fc722c8c40a50aaf248839f7da26ad37a11b67963cf37e94fefd262632ab6b2

Scanner detections:

33 / 68

Status:

Malware

Analysis date:

4/25/2024 12:30:37 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Rootkit.47798

896

Agnitum Outpost

Rootkit.Agent

7.1.1

AhnLab V3 Security

Trojan/Win32.ADH

2014.03.06

Avira AntiVirus

TR/Spy.Gen

7.11.134.240

avast!

Win32:Rootkit-gen [Rtk]

2014.9-140822

AVG

PSW.Agent

2015.0.3374

Baidu Antivirus

Trojan.MSIL.Downloader

4.0.3.14822

Bitdefender

Rootkit.47798

1.0.20.1170

Bkav FE

HW32.CDB

1.3.0.4959

Clam AntiVirus

Win.Trojan.Rootkit-1567

0.98/18355

Dr.Web

Trojan.Click2.7268

9.0.1.0234

Emsisoft Anti-Malware

Rootkit.47798

8.14.08.22.05

ESET NOD32

MSIL/Autorun.Agent.CS

8.9502

F-Secure

Rootkit.47798

11.2014-22-08_6

G Data

Rootkit.47798

14.8.24

IKARUS anti.virus

Trojan.SuspectCRC

t3scan.2.2.29

K7 AntiVirus

Trojan

13.176.11337

Kaspersky

Trojan-Downloader.MSIL.Agent

14.0.0.3366

Malwarebytes

Trojan.MSIL

v2014.08.22.05

McAfee

Artemis!A9742D05FF0A

5600.7030

Microsoft Security Essentials

Trojan:Win32/Dynamer!dtc

1.10302

MicroWorld eScan

Rootkit.47798

15.0.0.702

NANO AntiVirus

Trojan.Win32.Agent2.kmxdi

0.28.0.58101

Norman

Rootkit.CFKR

11.20140822

nProtect

Trojan/W32.Rootkit.472576

14.03.05.01

Panda Antivirus

Generic Trojan

14.08.22.05

Qihoo 360 Security

Win32/RootKit.Rootkit.7e5

1.0.0.1015

Quick Heal

TrojanDownloader.MSIL.Agent.d

8.14.12.00

Sophos

Mal/Generic-S

4.98

Trend Micro House Call

TROJ_SPNR.30EE12

7.2.234

Trend Micro

TROJ_SPNR.30EE12

10.465.22

Vba32 AntiVirus

Trojan.MSIL.Agent

3.12.24.3

VIPRE Antivirus

Trojan.Win32.Generic.pak!cobra

27096

File size:

461.5 KB (472,576 bytes)

Product version:

1.0.0.0

Original file name:

Client.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

File PE Metadata

Compilation timestamp:

2/21/2011 9:35:57 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

12288:VshOPNFuJzZh5lzZh5DdzZhg3/ukZOAd/mJYFTsr3CsZc23te3dvEh:+OP9mYF4rS+cytkEh

Entry address:

0x31FDC

Entry point:

FF, 25, CC, 1F, 43, 00, 00, 00, 5F, 43, 6F, 72, 45, 78, 65, 4D, 61, 69, 6E, 00, 6D, 73, 63, 6F, 72, 65, 65, 2E, 64, 6C, 6C, 00, 34, 5F, 03, 00, 7B, 7A, 7D, 02, 9F, B3, 1E, B3, A1, A7, BF, 92, 81, 17, 1E, D0, 86, 28, 3F, 6B, 30, 03, 5E, 5D, 39, E9, F1, 63, FA, 00, A1, 91, D6, C5, DE, F3, D2, 9E, 1C, 20, F9, 8F, 8E, 8F, 85, A6, 74, 84, C8, D6, CA, 55, 0E, 33, 6C, 1F, 23, 78, 54, EA, 67, B5, 03, 51, 40, 1F, 90, 50, 80, 42, A1, 8D, 29, 71, 72, 0A, EF, 49, 4D, 1B, B4, FF, 83, E3, 2A, 6A, E6, 8C, 92, 2C, 9F, FD... 
[+]

Entropy:

7.4422

Code size:

329 KB (336,896 bytes)

Remove stub.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.