vbzozy5fyuqi.exe

The executable vbzozy5fyuqi.exe has been detected as malware by 10 anti-virus scanners. It runs as a Windows service named “Cache Tools Web Tablet WLAN Name Visual”.
MD5:
d583d5e38c037c92ce4efdfd6263091d

SHA-1:
504bd47ad637ddab5723ab40d2fd48953aa123a9

SHA-256:
7e4241a3f9871b9fe298993dc7513262069848b80242e8dbd95eaf62f6b30dfe

Scanner detections:
10 / 68

Status:
Malware

Analysis date:
4/25/2024 1:05:16 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Symmi.51758 | 5691347 |
| avast! | Win32:Evo-gen [Susp] | 160201-0 |
| AVG | Win32/Cryptor | 2015.0.4522 |
| Emsisoft Anti-Malware | Gen:Variant.Symmi.51758 | 10.0.0.5366 |
| ESET NOD32 | Win32/Bayrob.AO trojan | 7.0.302.0 |
| F-Secure | Variant.Symmi.51758 | 5.15.21 |
| Kaspersky | Trojan.Win32.Bayrob | 15.0.0.562 |
| McAfee | Trojan.Trojan-FHOZ!D583D5E38C03 | 18.0.204.0 |
| Norman | Gen:Variant.Symmi.51758 | 03.12.2014 13:20:04 |
| Sophos | Virus 'Troj/Nivdor-E' | 5.22 |

File size:
428.5 KB (438,784 bytes)

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
12/11/2015 12:14:34 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.23

CTPH (ssdeep):
12288:B8x4jrWD4OHXWnoOpUuEopGe4650J4cjjTL5+:Q4/WD4OHXWnoQ0yG9BxjP5+

Entry address:
0x1590

Entry point:
83, EC, 1C, C7, 04, 24, 02, 00, 00, 00, FF, 15, 08, E5, 46, 00, E8, DB, FB, FF, FF, 8D, 74, 26, 00, 8D, BC, 27, 00, 00, 00, 00, A1, B8, E5, 46, 00, FF, E0, 89, F6, 8D, BC, 27, 00, 00, 00, 00, A1, 5C, E5, 46, 00, FF, E0, 90, 90, 90, 90, 90, 90, 90, 90, 90, 55, 89, E5, 83, EC, 18, C7, 04, 24, 00, 60, 45, 00, E8, 86, 71, 04, 00, BA, 30, 1C, 44, 00, 83, EC, 04, 85, C0, 74, 15, C7, 44, 24, 04, 13, 60, 45, 00, 89, 04, 24, E8, 72, 71, 04, 00, 83, EC, 08, 89, C2, 85, D2, 74, 11, C7, 44, 24, 04, 08, C0, 46, 00, C7...
 
Code size:
316.5 KB (324,096 bytes)

Service
Display name:
Cache Tools Web Tablet WLAN Name Visual

Type:
Win32OwnProcess, InteractiveProcess
