upnet.exe


The executable upnet.exe, “かḒӨгердтрзへЊуоеоώъблттФЀиоωḈоь” has been detected as malware by 27 anti-virus scanners.
Publisher:
ま革きまḒб五ьҞめҍг亊ЦгḆḒḒ骨ḔъЉстЗЗсώ

Product:
еьалдḆуЦоҘҘふおか予ḈϚえо革ώḔ争аひ四うЗтみ

Description:
かḒӨгердтрзへЊуоеоώъблттФЀиоωḈоь

Version:
1527.5225.5225.5225

MD5:
037be358218caf94bea8f80b945f92b1

SHA-1:
134c3a8794ef4d4c63be570419c69bb5b79f6ab4

SHA-256:
3550f4cb205ce6cc906210145c6ff979ec12aa1e6a2c815a87fb2c1c8673507b

Scanner detections:
27 / 68

Status:
Malware

Analysis date:
4/26/2024 8:58:18 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Kazy.388871 | 918 |
| AhnLab V3 Security | Trojan/Win32.Krypt | 2014.06.25 |
| Avira AntiVirus | TR/BitForce.A.57 | 7.11.156.166 |
| avast! | Win32:Malware-gen | 2014.9-140731 |
| AVG | MSIL2 | 2015.0.3396 |
| Baidu Antivirus | Trojan.MSIL.Kryptik | 4.0.3.14731 |
| Bitdefender | Gen:Variant.Kazy.388871 | 1.0.20.1060 |
| Comodo Security | UnclassifiedMalware | 18648 |
| Emsisoft Anti-Malware | Gen:Variant.Kazy.388871 | 8.14.07.31.07 |
| ESET NOD32 | MSIL/Kryptik.XQ (variant) | 8.9995 |
| Fortinet FortiGate | MSIL/Kryptik.TR!tr | 7/31/2014 |
| F-Secure | Gen:Variant.Kazy.388871 | 11.2014-31-07_5 |
| G Data | Gen:Variant.Kazy.388871 | 14.7.24 |
| IKARUS anti.virus | Trojan.MSIL2 | t3scan.1.6.1.0 |
| K7 AntiVirus | Trojan | 13.180.12498 |
| Kaspersky | Trojan-Dropper.Win32.Sysn | 14.0.0.3476 |
| Malwarebytes | Backdoor.Agent.PTCGen | v2014.07.31.07 |
| McAfee | Artemis!0B06C263BEEF | 5600.7052 |
| MicroWorld eScan | Gen:Variant.Kazy.388871 | 15.0.0.636 |
| NANO AntiVirus | Trojan.Win32.DownLoader10.dbhzyn | 0.28.0.60475 |
| Norman | Troj_Generic.UOTBI | 11.20140731 |
| Panda Antivirus | Generic Malware | 14.07.31.07 |
| Qihoo 360 Security | Win32/Trojan.812 | 1.0.0.1015 |
| Sophos | Mal/Generic-S | 4.98 |
| Trend Micro House Call | Suspicious_GEN.F47V0623 | 7.2.212 |
| VIPRE Antivirus | Trojan.Win32.Generic | 30630 |
| ViRobot | Dropper.A.Sysn.3058688 | 2011.4.7.4223 |

File size:
2.9 MB (3,058,688 bytes)

Product version:
1527.5225.5225.5225

Copyright:
Copyright © ώḔаҶЌ予зярふқс事へϟḈкҶḔгҘ予ḈふḈき四五Ϛо 2522515274

Trademarks:
争いбもеωЏг六かへえはи五гсгめ骨аькЉогбẦбт

Original file name:
Patch.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\upnet.exe

File PE Metadata
Compilation timestamp:
6/20/2014 12:44:11 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
24576:7JI/j4oM/r2OjFHNcanMEfaBG4udO+ASaHw6azg8Kbd9uyU7n4+5gigaS+duitAz:7FoG9FJMC6+z78JkzN/g1oA4U+G90X

Entry address:
0x2EBF7E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Entropy:
6.0906

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
2.9 MB (3,055,616 bytes)
