survey_remover_tool.exe

The executable survey_remover_tool.exe has been detected as malware by 27 anti-virus scanners.
Remove survey_remover_tool.exe - Powered by Reason Core Security
Version:
4.2.9.0

MD5:
332bf2ffaa85441369674db55a1bc468

SHA-1:
8912a5223bf4620ad2a0fb6f001d67ce831c0658

SHA-256:
654ca61d121b87449ed10b082bc75a47fda45ae8ad84db6c397adb27a81a1048

Scanner detections:
27 / 68

Status:
Malware

Analysis date:
12/5/2016 3:31:45 AM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Gen:Variant.Kazy.173687 | 969
Agnitum Outpost | Trojan.DownLoader | 7.1.1
Avira AntiVirus | TR/Kazy.173687.52 | 7.11.152.150
avast! | Win32:Malware-gen | 2014.9-140610
AVG | Pakes_c | 2015.0.3447
Bitdefender | Gen:Variant.Kazy.173687 | 1.0.20.805
Bkav FE | W32.Clod007.Trojan | 1.3.0.4959
CMC Antivirus | Backdoor.MSIL.Agent!O | 1.1.0.977
Commtouch SDK | W32/GenBl.332BF2FF!Olympus | 5.4.1.7
Comodo Security | UnclassifiedMalware | 18405
Dr.Web | Trojan.DownLoader8.4886 | 9.0.1.0161
Emsisoft Anti-Malware | Gen:Variant.Kazy.173687 | 8.14.06.10.02
F-Secure | Gen:Variant.Kazy.173687 | 11.2014-10-06_3
G Data | Gen:Variant.Kazy.173687 | 14.6.24
IKARUS anti.virus | Backdoor.MSIL | t3scan.1.6.1.0
Kingsoft AntiVirus | Win32.Troj.Generic.a.(kcloud) | 331020.49267
McAfee | Artemis!332BF2FFAA85 | 5600.7103
McAfee Web Gateway | Artemis!332BF2FFAA85 | 7.7103
MicroWorld eScan | Gen:Variant.Kazy.173687 | 15.0.0.483
NANO AntiVirus | Trojan.Win32.Kazy.cyiygz | 0.28.0.59921
Norman | Suspicious_Gen5.ZPYB | 11.20140610
Qihoo 360 Security | Win32/Trojan.767 | 1.0.0.1015
Rising Antivirus | PE:Trojan.Win32.Generic.149F0E41!345968193 | 23.00.65.14608
SUPERAntiSpyware | Trojan.Agent/Gen-Kazy | 10552
VIPRE Antivirus | Trojan.Win32.Generic | 29858
ViRobot | Backdoor.Win32.A.Hupigon.3657710 | 2011.4.7.4223
Zillya! Antivirus | Backdoor.Agent.Win32.49322 | 2.0.0.1809

File size:
3.5 MB (3,657,710 bytes)

Product version:
4.2.9.0

Copyright:
Copyright © 2012

Original file name:
Bot.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\survey_remover_tool.exe

File PE Metadata
Compilation timestamp:
1/8/2013 11:48:11 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
49152:x/+95FhjppZFizBtkeileinOINBATRvd0Y+SHXohHUOR4Mk4Da1rIiVbRHCGM827:x2VhTZFizBRIuRvdxHiTZk4DIimRmj

Entry address:
0x204506

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
2 MB (2,106,880 bytes)
