» d70477afc2d6568a216381453e6364d0.pe
Overview
Analysis
File Details

d70477afc2d6568a216381453e6364d0.pe

The file d70477afc2d6568a216381453e6364d0.pe has been detected as malware by 38 anti-virus scanners.

File name:

MD5:

d70477afc2d6568a216381453e6364d0

SHA-1:

b61dbd860cc306c2df2ae7966fdfb2e105189413

SHA-256:

b38f148cb4518758145a8cc43682bd9b16a40e055278641db6631dd548833336

Scanner detections:

38 / 68

Status:

Malware

Analysis date:

4/16/2024 4:56:52 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Generic.Rebhip.92C5FAC9

658

Agnitum Outpost

Worm.DR.Rebhip.Gen

7.1.1

AhnLab V3 Security

Trojan/Win32.Llac

2015.04.06

avast!

Win32:BackDoor-ACX [Trj]

2014.9-150418

AVG

Luhe.Boxed.A

2016.0.3136

Baidu Antivirus

Trojan.Win32.Spatet

4.0.3.15418

Bitdefender

Generic.Rebhip.92C5FAC9

1.0.20.540

Clam AntiVirus

Trojan.Agent-192978

0.98/21511

Comodo Security

TrojWare.Win32.PSW.Delf.~JHN

21663

Dr.Web

BackDoor.Siggen.49176

9.0.1.0108

Emsisoft Anti-Malware

Generic.Rebhip.92C5FAC9

8.15.04.18.08

ESET NOD32

Win32/Spatet

9.11430

Fortinet FortiGate

W32/Llac.GFU!tr

4/18/2015

F-Prot

W32/Rebhip.A.gen

v6.4.7.1.166

F-Secure

Backdoor:W32/Spyrat.A

11.2015-18-04_7

G Data

Generic.Rebhip.92C5FAC9

15.4.25

IKARUS anti.virus

Trojan-Dropper.Agent

t3scan.1.8.9.0

K7 AntiVirus

Trojan

13.202.15489

Kaspersky

Trojan.Win32.Bublik

14.0.0.2173

Malwarebytes

Trojan.Agent.DF

v2015.04.18.08

McAfee

Generic PWS.di

5600.6792

Microsoft Security Essentials

Worm:Win32/Rebhip.A

1.1.11502.0

MicroWorld eScan

Generic.Rebhip.92C5FAC9

16.0.0.324

NANO AntiVirus

Trojan.Win32.Cybergate.bmrxo

0.30.8.659

Norman

Rebhip.O

11.20150418

nProtect

Trojan/W32.Scar.674816

15.04.03.01

Panda Antivirus

Trj/Ransom.AB

15.04.18.08

Qihoo 360 Security

Malware.Radar01.Gen

1.0.0.1015

Quick Heal

Worm.Rebhip.A8

4.15.14.00

Rising Antivirus

PE:Trojan.PSW.Win32.Agent.euu!1075279058

23.00.65.15416

Sophos

W32/Rebhip-AR

4.98

SUPERAntiSpyware

Worm.Rebhip

9928

Total Defense

Win32/Spyrat!generic

37.0.11533

Trend Micro House Call

TSPY_SPATET.SMT

7.2.108

Trend Micro

TSPY_SPATET.BMC

10.465.18

Vba32 AntiVirus

Trojan.Bublik.vzq

3.12.26.3

VIPRE Antivirus

Worm.Win32.Rebhip.A

39098

ViRobot

Trojan.Win32.U.Agent.289280[h]

2014.3.20.0

File size:

659 KB (674,816 bytes)

Common path:

C:\users\{user}\downloads\d70477afc2d6568a216381453e6364d0.pe

File PE Metadata

Compilation timestamp:

6/19/1992 3:22:17 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

6144:1xJsGLnuVlVXG49xPVXG49xL3oxDNT/xQphU+jrlgzfuzt91C9NDyWId98HhqbxK:nJsGoGMfGM934h/xQp6+tqOYy9zo0o

Entry address:

0xBBF0

Entry point:

55, 8B, EC, B9, 0B, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, 53, B8, 00, BB, 40, 00, E8, 0E, 78, FF, FF, 33, C0, 55, 68, C0, C0, 40, 00, 64, FF, 30, 64, 89, 20, 68, D0, C0, 40, 00, 6A, 00, 6A, 00, E8, 42, 79, FF, FF, 8B, D8, E8, C3, 79, FF, FF, 3D, B7, 00, 00, 00, 75, 12, 53, E8, FE, 78, FF, FF, 68, E0, 2E, 00, 00, E8, 34, 7A, FF, FF, EB, 06, 53, E8, EC, 78, FF, FF, 68, E4, C0, 40, 00, 6A, 00, 6A, 00, E8, 0E, 79, FF, FF, 8B, D8, E8, 8F, 79, FF, FF, 3D, B7, 00, 00, 00, 0F, 85, 2A, 02, 00, 00, 53, E8, C6, 78... 
[+]

Entropy:

6.5509

Developed / compiled with:

Microsoft Visual C++

Code size:

44.5 KB (45,568 bytes)

Remove d70477afc2d6568a216381453e6364d0.pe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.