vioguc.exe

sloggiano

The executable vioguc.exe has been detected as malware by 6 anti-virus scanners. It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘vioguc’.
Publisher:
sloggiano

Product:
sloggiano

Version:
6.67

MD5:
677ae3362d5de433d1ca3f3b8f0755c8

SHA-1:
8e9f24a509b6fb912a374e0dc527d535350f095d

SHA-256:
1c077a021b7b13f0afe4839bc5b4847dcfcd104e030aaa098fd6063787ac9345

Scanner detections:
6 / 68

Status:
Malware

Analysis date:
4/28/2024 8:57:38 PM UTC

Scan engine      Detection                      Engine version
Clam AntiVirus   Win.Trojan.Agent-547376        0.98/23207
Dr.Web           Win32.HLLW.Autoruner1.25430    9.0.1.05190
ESET NOD32       Win32/VBObfus.AS trojan        6.3.12010.0
F-Prot           W32/VB.HC.gen                  4.6.5.141
F-Secure         Heur.VB.Agent.3                5.16.24
Kaspersky        Worm.Win32.WBNA                15.0.2.529

File size:
148 KB (151,552 bytes)

Product version:
6.67

Copyright:
sloggiano

Trademarks:
sloggiano

Original file name:
Curera.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\khosravi\vioguc.exe

File PE Metadata
Compilation timestamp:
8/30/2012 10:46:34 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

Entry address:
0x1248

Entry point:
68, F8, 12, 40, 00, E8, EE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 50, 00, 00, 00, 38, 00, 00, 00, 6F, A2, 0D, 05, 33, 21, F4, 49, B9, F8, AA, A4, 59, C9, 34, F2, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 2D, 43, 30, 30, 30, 2D, 53, 68, 61, 6E, 6E, 61, 00, 30, 49, 6E, 74, 65, 67, 75, 6D, 65, 6E, 74, 61, 74, 69, 6F, 6E, 20, 41, 74, 75, 61, 6D, 69, 00, 73, 00, 00, 00, 00, 50, 00, 00, 00, 25, C9, A7, 0B, 9E, A5, DF, 44, A7, 8F, 86, 83, 0E, 99, E1, B3, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...

Entropy:
5.0606

Developed / compiled with:
Microsoft Visual Basic v5.0/v6.0

Code size:
124 KB (126,976 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
vioguc

Command:
C:\users\khosravi\vioguc.exe \f

