» sysfmkn.exe
Overview
Analysis
File Details

sysfmkn.exe

Pidgin

NHN USA Inc.

The executable sysfmkn.exe has been detected as malware by 34 anti-virus scanners.

File name:

sysfmkn.exe

Publisher:

NHN USA Inc. (signed and verified)

Product:

Pidgin

Description:

Pidgin Installer

Version:

2.10.11

MD5:

e23ce0e585fa60305bbff28f33aa5583

SHA-1:

7b48c8855863deea9306513ae23437e089971f5e

SHA-256:

b429d5d014e009f33f6a90acbb837a7a09ddfd930521dd68e2734f16f14ee50b

Scanner detections:

34 / 68

Status:

Malware

Analysis date:

4/26/2024 9:31:35 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.GenericKD.2966116

371

AegisLab AV Signature

Troj.W32.Startserv!c

2.1.4+

Agnitum Outpost

Trojan.StartServ

7.1.1

Avira AntiVirus

TR/ATRAPS.Gen

8.3.2.4

avast!

Win32:Agent-AUBX [Trj]

2014.9-160129

AVG

SHeur4

2017.0.2849

Baidu Antivirus

Trojan.Win32.Yoddos

4.0.3.16129

Bitdefender

Trojan.GenericKD.2966116

1.0.20.145

Clam AntiVirus

Win.Trojan.Agent-759817

0.98/21511

Comodo Security

TrojWare.Win32.Yoddos.AB

24018

Dr.Web

Trojan.Siggen6.22937

9.0.1.029

Emsisoft Anti-Malware

Trojan.GenericKD.2966116

8.16.01.29.07

ESET NOD32

Win32/Yoddos.BU

10.12923

Fortinet FortiGate

W32/Yoddos.BU!tr

1/29/2016

F-Prot

W32/Trojan2.OLBU

v6.4.7.1.166

F-Secure

Trojan.GenericKD.2966116

11.2016-29-01_6

G Data

Trojan.GenericKD.2966116

16.1.25

IKARUS anti.virus

Trojan.Win32.Yoddos

t3scan.2.0.3.0

K7 AntiVirus

Trojan

13.212.18529

Kaspersky

Trojan.Win32.StartServ

14.0.0.741

McAfee

RDN/Generic.dx

5600.6505

Microsoft Security Essentials

Trojan:Win32/Wepiall!rfn

1.1.12400.0

MicroWorld eScan

Trojan.GenericKD.2966116

17.0.0.87

NANO AntiVirus

Trojan.Win32.Staser.ddshvy

1.0.14.5380

nProtect

Trojan.GenericKD.2966116

16.01.25.01

Panda Antivirus

Generic Suspicious

16.01.29.07

Qihoo 360 Security

Win32/Trojan.f66

1.0.0.1077

Rising Antivirus

PE:Malware.Generic(Thunder)!1.A1C4 [F]

23.00.65.16127

Sophos

Mal/Generic-S

4.98

Total Defense

Win32/Tnega.AVNG

37.1.62.1

Trend Micro

TROJ_GEN.R00GC0DA816

10.465.29

Vba32 AntiVirus

Trojan.Staser

3.12.26.4

VIPRE Antivirus

Trojan.Win32.Generic

46750

ViRobot

Trojan.Win32.Agent.143360.BF[h]

2014.3.20.0

File size:

223.2 KB (228,544 bytes)

Product version:

2.10.11

File type:

Executable application (Win32 EXE)

Common path:

C:\windows\syswow64\sysfmkn.exe

Digital Signature

Signed by:

NHN USA Inc.

Authority:

Thawte Consulting (Pty) Ltd.

Valid from:

11/2/2009 6:00:00 PM

Valid to:

10/28/2011 6:59:59 PM

Subject:

CN=NHN USA Inc., O=NHN USA Inc., L=Irvine, S=California, C=US

Issuer:

CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:

2B5A383157EFC7CD2617EF32F0A7ACB9

File PE Metadata

Compilation timestamp:

8/5/2014 5:22:32 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

3072:0oITTenkUSOcOfx0iMyxp0nXRhtBknDl1DHDoikXeL8YW4Ia+6hMuULMw15r+tXH:0/TTzUbcgxuyxp0henDl1DHfk4QqBU6X

Entry address:

0xD718

Entry point:

55, 8B, EC, 6A, FF, 68, 40, 52, 41, 00, 68, C8, CA, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, 2C, 51, 41, 00, 33, D2, 8A, D4, 89, 15, D4, C5, 41, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, D0, C5, 41, 00, C1, E1, 08, 03, CA, 89, 0D, CC, C5, 41, 00, C1, E8, 10, A3, C8, C5, 41, 00, 33, F6, 56, E8, 0B, 1A, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, B0, 00, 00, 00, 59, 89, 75, FC, E8, 31, 2F, 00, 00, FF, 15, 28, 51, 41, 00, A3, 64, DB, 41, 00, E8... 
[+]

Entropy:

6.4310

Developed / compiled with:

Microsoft Visual C++ v6.0

Code size:

80 KB (81,920 bytes)

Remove sysfmkn.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.