uioiugyah4.exe

Redduck Inc.

The executable uioiugyah4.exe has been detected as malware by 30 anti-virus scanners.
Publisher:
Redduck Inc.  (signed and verified)

MD5:
a9f392eee93215109b2afc0c887128dc

SHA-1:
6fc558273513ef957a9a0792f42fa1f278539ea0

SHA-256:
1253e1778714a41b79662dbf9a353afd01a8e72097b3202cc207dd9896c6d7a6

Scanner detections:
30 / 68

Status:
Malware

Analysis date:
4/25/2024 7:24:03 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Gen:Variant.Graftor.252783 | 186 |
| AegisLab AV Signature | Troj.W32.Generic!c | 2.1.4+ |
| Agnitum Outpost | Trojan.Kitkiot | 7.1.1 |
| AhnLab V3 Security | Malware/Gen.Generic | 2016.01.26 |
| Avira AntiVirus | TR/Kitkiot.A.52 | 8.3.2.4 |
| Arcabit | Trojan.Graftor.D3DB6F | 1.0.0.646 |
| Baidu Antivirus | Trojan.Win32.Kitkiot | 4.0.3.1682 |
| Bitdefender | Gen:Variant.Graftor.252783 | 1.0.20.1075 |
| Comodo Security | TrojWare.Win32.Kitkiot.~T | 24017 |
| Emsisoft Anti-Malware | Gen:Variant.Graftor.252783 | 8.16.08.02.04 |
| ESET NOD32 | Win32/Kitkiot | 10.12922 |
| Fortinet FortiGate | W32/Generic.A!tr | 8/2/2016 |
| F-Secure | Gen:Variant.Graftor.252783 | 11.2016-02-08_3 |
| G Data | Gen:Variant.Graftor.252783 | 16.8.25 |
| IKARUS anti.virus | Trojan.Win32.Kitkiot | t3scan.2.0.3.0 |
| K7 AntiVirus | Trojan | 13.212.18529 |
| Kaspersky | HEUR:Trojan.Win32.Generic | 14.0.0.-186 |
| McAfee | Artemis!A9F392EEE932 | 5600.6320 |
| Microsoft Security Essentials | Trojan:Win32/Skeeyah.A!bit | 1.1.12400.0 |
| MicroWorld eScan | Gen:Variant.Graftor.252783 | 17.0.0.645 |
| NANO AntiVirus | Trojan.Win32.Kitkiot.dxxxyg | 1.0.14.5380 |
| Panda Antivirus | Trj/Genetic.gen | 16.08.02.04 |
| Qihoo 360 Security | Win32/Trojan.5d4 | 1.0.0.1077 |
| Quick Heal | Trojan.Skeeyah.r5 | 8.16.14.00 |
| Rising Antivirus | PE:Malware.Generic/QRS!1.9E2D [F] | 23.00.65.16731 |
| Sophos | Mal/Generic-S | 4.98 |
| Trend Micro | TROJ_GEN.R00JC0DJG15 | 10.465.02 |
| Vba32 AntiVirus | suspected of Trojan.Downloader.gen.h | 3.12.26.4 |
| VIPRE Antivirus | Trojan.Win32.Generic | 46748 |
| Zillya! Antivirus | Trojan.Kitkiot.Win32.1 | 2.0.0.2628 |

File size:
126.9 KB (129,968 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\windows\uioiugyah4.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
9/24/2013 8:00:00 AM

Valid to:
9/25/2015 7:59:59 AM

Subject:
CN=Redduck Inc., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Redduck Inc., L=Gangnam-gu, S=Seoul, C=KR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
0F66842B4F9C458B72136F0AE96924B7

File PE Metadata
Compilation timestamp:
10/6/2015 11:29:13 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
1536:WBUdZUtyp6wl7G4UIYouBITCrRskP8GCqDUA0YZ/XWpr+G:xgtyp6w84uXBR2cv0YdXWpn

Entry address:
0x3289

Entry point:
E8, 6A, 3D, 00, 00, E9, 89, FE, FF, FF, C7, 01, C8, C1, 40, 00, E9, B2, 3E, 00, 00, 8B, FF, 55, 8B, EC, 56, 8B, F1, C7, 06, C8, C1, 40, 00, E8, 9F, 3E, 00, 00, F6, 45, 08, 01, 74, 07, 56, E8, 37, FD, FF, FF, 59, 8B, C6, 5E, 5D, C2, 04, 00, 8B, FF, 55, 8B, EC, 56, FF, 75, 08, 8B, F1, E8, AD, 3E, 00, 00, C7, 06, C8, C1, 40, 00, 8B, C6, 5E, 5D, C2, 04, 00, 8B, FF, 55, 8B, EC, 83, EC, 10, EB, 0D, FF, 75, 08, E8, 56, 3F, 00, 00, 59, 85, C0, 74, 0F, FF, 75, 08, E8, A6, 3E, 00, 00, 59, 85, C0, 74, E6, C9, C3, F6...
 
Entropy:
5.7015

Code size:
43.5 KB (44,544 bytes)
