home

takshost.exe

Pinchcommons

ICOFX SOFTWARE SRL

The executable takshost.exe has been detected as malware by 5 anti-virus scanners.
Publisher:
Stellar Information System Ltd  (signed by ICOFX SOFTWARE SRL)

Product:
Pinchcommons

Version:
1.00

MD5:
561ed38a7127667dc7aba8f77b57e6c9

SHA-1:
68f9391500bfeccf88e92298aa1d9a9ff89cbc30

SHA-256:
9b014246f24cb9ab3217218c5bd5d8582fdc7c02d7ab823da56fdafed2b4aa8a

Scanner detections:
5 / 68

Status:
Malware

Analysis date:
4/24/2024 11:07:30 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

avast!
Win32:Malware-gen
160518-2

ESET NOD32
Win32/Injector.CWYA trojan
8.0.319.0

McAfee
Trojan.Artemis!561ED38A7127
18.0.204.0

Microsoft Security Essentials
Threat.Undefined
1.223.2699.0

VIPRE Antivirus
Threat.4150696
50318

File size:
1.9 MB (1,972,408 bytes)

Product version:
1.00

Original file name:
Internet Process Protected.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Documents and Settings\{user}\Local settings\temp\{random}.tmp\takshost.exe

Digital Signature
Signed by:
ICOFX SOFTWARE SRL

Authority:
COMODO CA Limited

Valid from:
2/3/2013 10:00:00 PM

Valid to:
2/4/2016 9:59:59 PM

Subject:
CN=ICOFX SOFTWARE SRL, O=ICOFX SOFTWARE SRL, STREET=str. Teilor nr. 10 sc. 2 ap. 24, L=Floresti, S=Cluj, PostalCode=407280, C=RO

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00DE9F0854CD6936A239D0FF5B81756164

File PE Metadata
Compilation timestamp:
4/21/2016 12:48:55 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
49152:4wA29BUWHk2dhqFBNhcNlLN7i3q6Zc5t5Nli4o+1InFPjZyQ:4wpEBFZaLN7i3q6Zc75NcnFcQ

Entry address:
0x109C

Entry point:
68, 6C, 10, 5D, 00, E8, EE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 38, 00, 00, 00, 00, 00, 00, 00, 58, 3C, 61, D5, 05, 79, CD, 4A, 91, AE, 28, 26, 24, B9, EB, 3E, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 77, 78, 88, 88, 88, 88, 56, 75, 6C, 76, 61, 74, 65, 00, 00, 00, 00, 00, FF, CC, 31, 00, 03, 56, E0, 56, BD, D8, AB, E5, 43, BA, 09, 97, 40, 1B, FB, 0E, 25, 4A, 9E, 62, 05, 6E, 3F, 52, 4C, 8E, 5E, E2, D6, 25, DD, 5D, 01, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00, AA, 00, 60, D3, 93, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual Basic v5.0/v6.0

Code size:
1.9 MB (1,941,504 bytes)

Remove takshost.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.