trojan.exe

The executable trojan.exe has been detected as malware by 37 anti-virus scanners. It is set to start automatically when a user logs into Windows, via the current-user Run registry key, under the display name ‘5cd8f17f4086744065eb0992a09e05a2’. This backdoor trojan may be used to conduct distributed denial-of-service attacks, to install additional trojans or other forms of malicious software, and to steal sensitive information.
MD5:
7bd8e3d51533d394dc38dbbf69769a02

SHA-1:
b9801facf59587b4f39b8a7cd794390aad544653

SHA-256:
66d3884ace13c149b59c85606ae753c7c89bec1c3eefdf1bafe426cc5f7fce6c

Scanner detections:
37 / 68

Status:
Malware

Analysis date:
4/26/2024 6:32:01 PM UTC  (today)

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Trojan.Generic.KDZ.1629 | 920 |
| Agnitum Outpost | TrojanSpy.Agent | 7.1.1 |
| AhnLab V3 Security | Trojan/Win32.Bladabindi | 2014.02.23 |
| Avira AntiVirus | TR/Agent.44544218 | 7.11.133.58 |
| avast! | MSIL:Agent-ANE [Trj] | 2014.9-140729 |
| AVG | MSIL | 2015.0.3398 |
| Baidu Antivirus | Trojan.MSIL.Disfa | 4.0.3.1499 |
| Bitdefender | Trojan.Generic.KDZ.1629 | 1.0.20.1050 |
| Bkav FE | W32.BeodeiLTAJ.Trojan | 1.3.0.4924 |
| Comodo Security | TrojWare.MSIL.Disfa.A | 17828 |
| Dr.Web | Win32.HLLW.Autoruner.25074 | 9.0.1.0210 |
| Emsisoft Anti-Malware | Trojan.Generic.KDZ.1629 | 8.14.07.29.05 |
| ESET NOD32 | MSIL/Bladabindi (variant) | 8.9458 |
| Fortinet FortiGate | MSIL/Agent.PPP!tr | 7/29/2014 |
| F-Prot | W32/MSIL_Troj.AP.gen | v6.4.7.1.166 |
| F-Secure | Trojan.Generic.KDZ.1629 | 11.2014-29-07_3 |
| G Data | Trojan.Generic.KDZ.1629 | 14.7.24 |
| IKARUS anti.virus | Trojan.Msil | t3scan.2.2.29 |
| K7 AntiVirus | Trojan | 13.176.11239 |
| Kaspersky | Trojan.MSIL.Disfa | 14.0.0.3486 |
| Malwarebytes | Backdoor.Agent.TRJ | v2014.07.29.05 |
| McAfee | Trojan-FAUE!C664DFE0F245 | 5600.7054 |
| Microsoft Security Essentials | Backdoor:MSIL/Bladabindi.AA | 1.10302 |
| MicroWorld eScan | Trojan.Generic.KDZ.1629 | 15.0.0.630 |
| NANO AntiVirus | Trojan.Win32.Bladabindi.cqjiwz | 0.28.0.57630 |
| Norman | Agent.AYLBP | 11.20140909 |
| nProtect | Trojan/W32.Agent.44544.VR | 14.02.21.02 |
| Panda Antivirus | Generic Trojan | 14.09.09.11 |
| Qihoo 360 Security | Win32/Trojan.398 | 1.0.0.1015 |
| Quick Heal | Trojan.Bladabindi.B3 | 7.14.12.00 |
| Rising Antivirus | PE:Backdoor.Bot!1.6675 | 23.00.65.14727 |
| Sophos | Troj/MSIL-HX | 4.97 |
| SUPERAntiSpyware | Trojan.Agent/Gen-MSIL | 10454 |
| Trend Micro House Call | TSPY_BLADABINDI_CA083911.TOMC | 7.2.210 |
| Trend Micro | TSPY_BLADABINDI_CA083911.TOMC | 10.465.29 |
| Vba32 AntiVirus | Trojan.MSIL.Disfa | 3.12.24.3 |
| VIPRE Antivirus | Trojan.MSIL.Bladabindi.f | 26730 |

File size:
43.5 KB (44,544 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\trojan.exe

File PE Metadata
Compilation timestamp:
7/27/2014 7:12:46 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
768:MwwFb8OPu19SIo6zcrq92T62cf5s1q6HqjH+Sqvt21mlM91VpqNXMT3HCCjPka77:o+2rNTieijLqMHCCrk

Entry address:
0xC50E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Entropy:
5.5620

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
41.5 KB (42,496 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
5cd8f17f4086744065eb0992a09e05a2

Command:
"C:\users\{user}\appdata\local\temp\trojan.exe"..

