» tibiacast_3_1_58_0.exe
Overview
Analysis
File Details

tibiacast_3_1_58_0.exe

Thisquite4

ICOFX SOFTWARE SRL

The executable tibiacast_3_1_58_0.exe has been detected as malware by 16 anti-virus scanners.

File name:

Publisher:

Stellar Information System Ltd (signed by ICOFX SOFTWARE SRL)

Product:

Thisquite4

Version:

1.00

MD5:

da4bde963a53f4c3c483abae3e372dd7

SHA-1:

b1093f1e2e42b4d9fa63dd996ced7fac182c4ed2

SHA-256:

11704d29d3a8b9c50b77cd59a836c30742c12891492956cc95b4f47764ca1d57

Scanner detections:

16 / 68

Status:

Malware

Analysis date:

7/12/2025 5:41:04 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.GenericKD.3149643

219

Avira AntiVirus

TR/Dropper.VB.sdts

8.3.3.4

Arcabit

Trojan.Generic.D300F4B

1.0.0.669

avast!

Win32:Malware-gen

2014.9-160629

AVG

Inject3

2017.0.2697

Baidu Antivirus

Win32.Trojan.WisdomEyes.151026.9950

4.0.3.16629

Bitdefender

Trojan.GenericKD.3149643

1.0.20.905

Bkav FE

HW32.Packed

1.3.0.7744

Emsisoft Anti-Malware

Trojan.GenericKD.3149643

8.16.06.29.06

ESET NOD32

Win32/Injector.CWBZ (variant)

10.13325

F-Secure

Trojan.GenericKD.3149643

11.2016-29-06_4

G Data

Trojan.GenericKD.3149643

16.6.25

IKARUS anti.virus

Trojan.Win32.Injector

t3scan.2.0.9.0

MicroWorld eScan

Trojan.GenericKD.3149643

17.0.0.543

Qihoo 360 Security

HEUR/QVM03.0.Malware.Gen

1.0.0.1120

VIPRE Antivirus

Trojan.Win32.Generic

48588

File size:

1.3 MB (1,358,008 bytes)

Product version:

1.00

Original file name:

Zoospore.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\tibiacast_3_1_58_0.exe

Digital Signature

Signed by:

ICOFX SOFTWARE SRL

Authority:

COMODO CA Limited

Valid from:

2/4/2013 1:00:00 AM

Valid to:

2/5/2016 12:59:59 AM

Subject:

CN=ICOFX SOFTWARE SRL, O=ICOFX SOFTWARE SRL, STREET=str. Teilor nr. 10 sc. 2 ap. 24, L=Floresti, S=Cluj, PostalCode=407280, C=RO

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00DE9F0854CD6936A239D0FF5B81756164

File PE Metadata

Compilation timestamp:

4/7/2016 12:09:57 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

24576:7B1yC3qo44Jgfe501P6R7oHw8z1A9fFFX1vsmv:Jqo/WSRcHT29fb1vF

Entry address:

0x109C

Entry point:

68, 30, 1C, 54, 00, E8, EE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 79, B2, 0A, AB, 77, 6F, 80, 4D, 84, E5, 9B, 11, 4D, 5B, 38, 11, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 6D, 65, 53, 70, 61, 63, 54, 72, 6F, 67, 6C, 6F, 64, 79, 74, 65, 32, 00, 74, 74, 72, 69, 00, 00, 00, 00, FF, CC, 31, 00, 01, 8F, 34, FD, 3A, 95, 05, A3, 43, A8, 57, 31, 4B, 22, FC, 51, 4A, 97, 11, 8C, 2E, 55, 2A, 08, 4A, BD, 2F, 88, E8, B7, 10, 86, E2, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00... 
[+]

Developed / compiled with:

Microsoft Visual Basic v5.0

Code size:

1.3 MB (1,327,104 bytes)

Remove tibiacast_3_1_58_0.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.