systm

The file systm has been detected as malware by 35 anti-virus scanners.
MD5:
3b3b571af143ea74cff01b6a93b233c0

SHA-1:
08ccd7923b1b23c207a8a8e1566e406584a90d23

SHA-256:
db8e115effc684467e990b2e3b877bf225465c9b39d93071c9cc430f5f0b1bb0

Scanner detections:
35 / 68

Status:
Malware

Analysis date:
4/16/2024 5:14:51 PM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Gen:Variant.Barys.8949 | 800
AhnLab V3 Security | Win-Trojan/Bladabindi.Gen | 2014.11.27
Avira AntiVirus | TR/Agent.44544218 | 7.11.189.6
avast! | Win32:Agent-ARSZ [Trj] | 141119-1
AVG | Trojan horse MSIL.AP | 2014.0.4189
Bitdefender | Gen:Variant.Barys.8949 | 1.0.20.1650
Comodo Security | TrojWare.MSIL.Disfa.A | 20199
Dr.Web | BackDoor.Bladabindi.1393 | 9.0.1.05190
Emsisoft Anti-Malware | Gen:Variant.Barys.8949 | 9.0.0.4570
ESET NOD32 | MSIL/Bladabindi.O trojan | 7.0.302.0
Fortinet FortiGate | MSIL/Agent.PPP!tr | 11/26/2014
F-Prot | W32/MSIL_Troj.AP.gen | 4.6.5.141
F-Secure | Gen:Variant.Barys.8949 | 11.2014-26-11_4
G Data | Gen:Variant.Barys.8949 | 14.11.24
IKARUS anti.virus | Trojan.MSIL.Disfa | t3scan.1.8.3.0
K7 AntiVirus | Trojan | 13.186.14150
Kaspersky | Trojan.MSIL.Disfa | 15.0.0.543
Malwarebytes | Trojan.MSIL | v2014.11.26.05
McAfee | BackDoor-FBMR!3B3B571AF143 | 5600.6934
Microsoft Security Essentials | Threat.Undefined | 1.189.660.0
MicroWorld eScan | Gen:Variant.Barys.8949 | 15.0.0.990
NANO AntiVirus | Trojan.Win32.Autoruner.cymfmd | 0.28.6.63726
Norman | Agent.AYLBP | 11.20141126
nProtect | Trojan/W32.Agent.44544.PO | 14.11.26.01
Panda Antivirus | Generic Malware | 14.11.26.05
Qihoo 360 Security | Malware.QVM03.Gen | 1.0.0.1015
Quick Heal | Backdoor.Bladabindi.A3 | 11.14.14.00
Rising Antivirus | PE:Backdoor.Bot!1.6675 | 23.00.65.141124
Sophos | Mal/MSIL-FE | 4.98
SUPERAntiSpyware | Trojan.Agent/Gen-MSIL | 10214
Trend Micro House Call | BKDR_BLADABI.SMC | 7.2.330
Trend Micro | BKDR_BLADABI.SMC | 10.465.26
Vba32 AntiVirus | Trojan.MSIL.Disfa | 3.12.26.3
VIPRE Antivirus | Threat.4774974 | 35088
Zillya! Antivirus | Trojan.Disfa.Win32.20857 | 2.0.0.1994

File size:
43.5 KB (44,544 bytes)

Common path:
C:\users\{user}\appdata\roaming\systm

File PE Metadata
Compilation timestamp:
11/25/2014 3:06:07 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
768:21Y91r8Osg+lxS4YKzMrw99GT92sv5M136H+jHpU2qvtW13GVMZ16eg52VTuNusa:Q0KGgNOeaiPfyLHCCrk

Entry address:
0xC50E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...

Entropy:
5.5592

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
41.5 KB (42,496 bytes)
