ver - documentos.exe

The executable ver - documentos.exe has been detected as malware by 25 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from bitly.com.
MD5: 45907b19b9b9781dfa795546553a64cb
SHA-1: 9dc139fd7ffe181e1022ddfb71c1550b8a6b52ae
SHA-256: 72645e5b1d451617f03ce4f5921853db300c9d45dc07f1116406640708550a9f

Scanner detections: 25 / 68
Status: Malware
Analysis date: 4/25/2024 4:27:16 AM UTC  (today)

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Trojan.GenericKD.2894532 | 387 |
| Avira AntiVirus | TR/VB.Agent.528896 | 8.3.2.4 |
| Arcabit | Trojan.Generic.D2C2AC4 | 1.0.0.627 |
| avast! | Win32:Malware-gen | 2014.9-160113 |
| Baidu Antivirus | Trojan.VBS.Agent | 4.0.3.16113 |
| Bitdefender | Trojan.GenericKD.2894532 | 1.0.20.65 |
| Emsisoft Anti-Malware | Trojan.GenericKD.2894532 | 8.16.01.13.03 |
| ESET NOD32 | VBS/TrojanDownloader.Agent.NTW | 10.12649 |
| Fortinet FortiGate | VBS/Agent.AXQ!tr.dldr | 1/13/2016 |
| F-Prot | W32/NewMalware-LSU-based!Maximu | v6.4.7.1.166 |
| F-Secure | Trojan.GenericKD.2894532 | 11.2016-13-01_4 |
| G Data | Trojan.GenericKD.2894532 | 16.1.25 |
| IKARUS anti.virus | Trojan-Downloader.VBS.Agent | t3scan.1.9.5.0 |
| K7 AntiVirus | Trojan-Downloader | 13.212.18012 |
| Kaspersky | Trojan-Downloader.VBS.Agent | 14.0.0.822 |
| McAfee | Artemis!45907B19B9B9 | 5600.6521 |
| Microsoft Security Essentials | Trojan:Win32/Dynamer!ac | 1.1.12300.0 |
| MicroWorld eScan | Trojan.GenericKD.2894532 | 17.0.0.39 |
| NANO AntiVirus | Trojan.Win32.Agent.dyxhtu | 0.30.26.4751 |
| nProtect | Trojan.GenericKD.2894532 | 15.11.30.01 |
| Panda Antivirus | Generic Suspicious | 16.01.13.03 |
| Qihoo 360 Security | Win32/Trojan.Downloader.7d6 | 1.0.0.1077 |
| Sophos | Mal/Generic-S | 4.98 |
| Trend Micro | TROJ_GEN.R00JC0DKU15 | 10.465.13 |
| VIPRE Antivirus | Trojan.Win32.Generic | 45530 |

File size: 516.5 KB (528,896 bytes)
File type: Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp: 2/4/2013 9:06:48 PM
OS version: 4.0
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 2.25
CTPH (ssdeep): 12288:IG31vSCK2/ArjaYdgAwctnEfekj38+Q9vmlaZ7No7xrS1WoS:731vSCP/MjsQefeGnQV3o7xr4
Entry address: 0xAF740
Entry point: 60, BE, 00, 20, 43, 00, 8D, BE, 00, F0, FC, FF, 57, 89, E5, 8D, 9C, 24, 80, F1, FC, FF, 31, C0, 50, 39, DC, 75, FB, 46, 46, 53, 68, DF, DC, 0A, 00, 57, 83, C3, 04, 53, 68, 33, D7, 07, 00, 56, 83, C3, 04, 53, 50, C7, 03, 07, 00, 04, 00, 90, 90, 90, 90, 90, 55, 57, 56, 53, 83, EC, 7C, 8B, 94, 24, 90, 00, 00, 00, C7, 44, 24, 74, 00, 00, 00, 00, C6, 44, 24, 73, 00, 8B, AC, 24, 9C, 00, 00, 00, 8D, 42, 04, 89, 44, 24, 78, B8, 01, 00, 00, 00, 0F, B6, 4A, 02, 89, C3, D3, E3, 89, D9, 49, 89, 4C, 24, 6C, 0F, B6, 4A...
 

Code size: 508 KB (520,192 bytes)

The file ver - documentos.exe has been seen being distributed by the following URL.
