udp洪水攻&_20987.exe

工程1

微软中国

The executable udp洪水攻&_20987.exe has been detected as malware by 7 anti-virus scanners.
Publisher:
微软中国

Product:
工程1

Version:
1.00

MD5:
734f9b4d19de67f3d1dcce51913d0368

SHA-1:
2704fd9c4ab269a795a3dfc41a7a9a6bd6a62770

SHA-256:
eb5670b306a0550ed8f2944fc9584c745ef0155d330d87d36b9ead3b078282f3

Scanner detections:
7 / 68

Status:
Malware

Analysis date:
4/18/2024 10:40:12 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Avira AntiVirus | TR/Dropper.Gen | 7.11.145.40 |
| avast! | Win32:Virut-AGQ | 2014.9-140424 |
| AVG | Win32/Virut | 2015.0.3494 |
| Bkav FE | W32.HfsAutoA | 1.3.0.4959 |
| F-Prot | W32/Virut.AI!Generic | v6.4.7.1.166 |
| NANO AntiVirus | Virus.Win32.Virut-Gen.bwpxnc | 0.28.0.59492 |
| Total Defense | Win32/Virut.17408!corrupt | 37.0.10896 |

File size:
89.9 KB (92,088 bytes)

Product version:
1.00

Original file name:
UDP洪水攻击.exe

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
9/6/2007 12:33:49 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
768:B4dUqH4dUqIEe8D2Lb5Z7f2Eob1P7yU4dUqP8RbhikWToG4uoewf0Kp:edU3dUVWD2L/cyVdUi8Rk1ToG49el

Entry address:
0x1294

Entry point:
68, 60, 5E, 40, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 38, 00, 00, 00, 00, 00, 00, 00, DF, B7, 8F, 1F, 46, 31, 4E, 4B, 81, 64, F2, 4C, B6, 41, 93, E1, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, B9, A4, B3, CC, 31, 00, 00, 00, 00, 00, 00, 00, FF, CC, 31, 00, 0D, 83, B0, 13, D1, CD, A3, 68, 4B, BE, 58, 82, ED, A7, F3, 06, A7, AE, 1A, DA, 83, 5C, F7, 8B, 49, B3, DA, AD, 8D, 30, CD, CF, AB, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00, AA, 00, 60, D3, 93, 00, 00, 00...
 

Entropy:
5.4559

Developed / compiled with:
Microsoft Visual Basic v5.0/v6.0

Code size:
30 KB (30,720 bytes)
