uojijjha.exe

Shpe Tefqidsh Hu

The application uojijjha.exe by Shpe Tefqidsh Hu has been detected as a potentially unwanted program by 20 anti-malware scanners. It will plug into the web browser and display context-based advertisements by overwriting existing ads or by inserting new ones on various web pages.
Publisher:
Shpe Tefqidsh Hu  (signed and verified)

MD5:
19138ce318f1f7489485e10d0b18d2e5

SHA-1:
921d6a81c1e4e1563b63f23a076df945300da5db

SHA-256:
9934effb5de56937061c4bdda69275bf6608242f2b0a9a44fb11177988fa75ea

Scanner detections:
20 / 68

Status:
Potentially unwanted

Explanation:
Injects advertising in the web browser in various formats.

Analysis date:
4/26/2024 8:10:07 AM UTC

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Kazy.770275
435

Agnitum Outpost
RiskWare.Komodia
7.1.1

Arcabit
Trojan.Kazy.DBC0E3
1.0.0.597

AVG
Generic_r
2016.0.2913

Baidu Antivirus
Trojan.Win32.Komodia
4.0.3.151127

Bitdefender
Gen:Variant.Kazy.770275
1.0.20.1655

Clam AntiVirus
Win.Trojan.Agent-955759
0.98/21511

Comodo Security
Application.Win32.Komodia.ML
23640

Dr.Web
Trojan.BPlug.1051
9.0.1.0331

Emsisoft Anti-Malware
Gen:Variant.Kazy.770275
8.15.11.27.04

ESET NOD32
Win32/RiskWare.Komodia (variant)
9.12608

F-Secure
Gen:Variant.Kazy.770275
11.2015-27-11_6

G Data
Gen:Variant.Kazy.770275
15.11.25

IKARUS anti.virus
PUA.RiskWare.Komodia
t3scan.1.9.5.0

K7 AntiVirus
Riskware
13.212.17931

MicroWorld eScan
Gen:Variant.Kazy.770275
16.0.0.993

Panda Antivirus
Trj/Genetic.gen
15.11.27.04

Qihoo 360 Security
HEUR/QVM41.1.Malware.Gen
1.0.0.1077

Reason Heuristics
Adware.ShopperZ.ShpeTefqidshHu.Meta (M)
15.11.27.4

Zillya! Antivirus
Adware.BrowseFox.Win32.156082
2.0.0.2525

File size:
238.3 KB (244,040 bytes)

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\groover201120151802\uojijjha.exe

Digital Signature
Authority:
Shpe Tefqidsh Hu

Valid from:
11/20/2015 9:02:17 AM

Valid to:
11/19/2016 9:02:17 AM

Subject:
CN=Boarka Ehysd, O=Shpe Tefqidsh Hu, L=Anhogi, S=Xyikpuctaa, C=CN

Issuer:
CN=Ticv Vecno, O=Shpe Tefqidsh Hu, L=Anhogi, S=Xyikpuctaa, C=CN

Serial number:
01

File PE Metadata
Compilation timestamp:
11/20/2015 9:03:31 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
12.0

CTPH (ssdeep):
3072:QuNViMr2eQsgTWrohzWG3X2VU/YcRdpAAM8xtuUPZ92hj0ejulB4+cshPTPhC:QuNIMaXsgTWVbUfHu892hjOEUdPI

Entry address:
0x16FDF

Entry point:
E8, 9E, A3, 00, 00, E9, 7B, FE, FF, FF, 6A, 08, 68, 60, 66, 43, 00, E8, 7B, FC, FF, FF, FF, 35, 3C, A3, 43, 00, FF, 15, 84, 90, 42, 00, 85, C0, 74, 16, 83, 65, FC, 00, FF, D0, EB, 07, 33, C0, 40, C3, 8B, 65, E8, C7, 45, FC, FE, FF, FF, FF, E8, 01, 00, 00, 00, CC, 6A, 08, 68, 40, 66, 43, 00, E8, 43, FC, FF, FF, E8, 8F, 15, 00, 00, 8B, 40, 78, 85, C0, 74, 16, 83, 65, FC, 00, FF, D0, EB, 07, 33, C0, 40, C3, 8B, 65, E8, C7, 45, FC, FE, FF, FF, FF, E8, D6, 3D, 00, 00, CC, E8, 67, 15, 00, 00, 8B, 40, 7C, 85, C0...
 

Entropy:
6.5186

Code size:
160 KB (163,840 bytes)
