un7z.exe

Super Code Signing CA

The executable un7z.exe has been detected as malware by 9 anti-virus scanners.
Publisher:
Super Code Signing CA  (signed and verified)

MD5:
a9fe5e1f828062e3d28d96c020e7e8b4

SHA-1:
93cb9205651951bceef3bcd49db02fecdbf30ca1

SHA-256:
bf7d8967e3f110c0539e329f9460c2ac72c2f8882bcf47db037655840308a409

Scanner detections:
9 / 68

Status:
Malware

Analysis date:
4/27/2024 3:30:14 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Agnitum Outpost | Trojan.Rogue | 7.1.1 |
| AhnLab V3 Security | Trojan/Win32.Banload | 2015.04.05 |
| Avira AntiVirus | TR/Rogue.295672 | 3.6.1.96 |
| IKARUS anti.virus | Trojan.SuspectCRC | t3scan.1.8.9.0 |
| McAfee | Artemis!A9FE5E1F8280 | 5600.6762 |
| Norman | Suspicious_Gen2.WBJZI | 11.20150517 |
| Trend Micro House Call | TROJ_GEN.R0C1C0OBE15 | 7.2.137 |
| Trend Micro | TROJ_GEN.R0C1C0OBE15 | 10.465.17 |
| ViRobot | Trojan.Win32.S.Banload.295672[h] | 2014.3.20.0 |

File size:
288.7 KB (295,672 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\un7z.exe

Digital Signature
Authority:
Super Root Certificate Authority

Valid from:
8/7/2008 7:00:00 PM

Valid to:
8/7/2018 7:00:00 PM

Subject:
CN=Super Code Signing CA

Issuer:
CN=Super Root Certificate Authority

Serial number:
E51272FF292149AA403FBA865982F019

File PE Metadata
Compilation timestamp:
10/7/2013 11:16:50 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
2.25

CTPH (ssdeep):
6144:P8Dp805Tb+OwmMepHEl8aGMeBnVZ8w4toZAcLrJa/liSVHU:P7Ebxw1elEl/GMo38KLg/l

Entry address:
0x182C0

Entry point:
55, 8B, EC, 83, C4, F0, A1, F0, A3, 41, 00, C6, 00, 01, B8, 4C, 7A, 41, 00, E8, D0, E4, FE, FF, E8, 0F, F6, FF, FF, E8, 6E, CA, FE, FF, 8B, C0, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Developed / compiled with:
Microsoft Visual C++

Code size:
92 KB (94,208 bytes)
