dfea2e4082b7e846843aa96d8c0929a0.pe

The file dfea2e4082b7e846843aa96d8c0929a0.pe has been detected as malware by 32 anti-virus scanners.
MD5:
dfea2e4082b7e846843aa96d8c0929a0

SHA-1:
89065d40c0cf9baf5892f8dda2c5f69bc69fed18

SHA-256:
11c5938b8d749d27efff70bd7bb079f4d5b64194eec74255abf8af30df9d32bc

Scanner detections:
32 / 68

Status:
Malware

Analysis date:
5/11/2024 12:14:11 AM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Gen:Trojan.Heur.RP.QuZ@aOoV52i | 658
Agnitum Outpost | Trojan.Scar | 7.1.1
AhnLab V3 Security | Trojan/Win32.Scar | 2015.04.09
avast! | Win32:Malware-gen | 2014.9-150418
AVG | Win32/DH | 2016.0.3136
Baidu Antivirus | Trojan.Win32.Scar | 4.0.3.15418
Bitdefender | Gen:Trojan.Heur.RP.QuZ@aOoV52i | 1.0.20.540
Comodo Security | UnclassifiedMalware | 21697
Dr.Web | Trojan.Siggen6.32884 | 9.0.1.0108
Emsisoft Anti-Malware | Gen:Trojan.Heur.RP.QuZ@aOoV52i | 8.15.04.18.08
ESET NOD32 | Win32/PSW.OnLineGames.QNS (variant) | 9.11445
Fortinet FortiGate | W32/Scar.CMJH!tr | 4/18/2015
F-Prot | W32/Heuristic-119 | v6.4.7.1.166
F-Secure | Gen:Trojan.Heur.RP.QuZ@aOoV52i | 11.2015-18-04_7
G Data | Gen:Trojan.Heur.RP.QuZ@aOoV52i | 15.4.25
IKARUS anti.virus | Trojan.Win32.Rundis | t3scan.1.8.9.0
K7 AntiVirus | Password-Stealer | 13.202.15530
Kaspersky | Trojan.Win32.Scar | 14.0.0.2173
McAfee | Artemis!DFEA2E4082B7 | 5600.6792
Microsoft Security Essentials | Trojan:Win32/Dynamer!ac | 1.1.11502.0
MicroWorld eScan | Gen:Trojan.Heur.RP.QuZ@aOoV52i | 16.0.0.324
NANO AntiVirus | Trojan.Win32.Scar.dpwfcv | 0.30.10.952
Norman | Malware | 11.20150418
Panda Antivirus | Generic Malware | 15.04.18.08
Qihoo 360 Security | HEUR/QVM01.1.Malware.Gen | 1.0.0.1015
Rising Antivirus | PE:Trojan.Win32.Generic.18516100!407986432 | 23.00.65.15416
Sophos | Mal/Generic-S | 4.98
Trend Micro House Call | WORM_AUTORUN.BMC | 7.2.108
Trend Micro | WORM_AUTORUN.BMC | 10.465.18
Vba32 AntiVirus | Trojan.Scar | 3.12.26.3
VIPRE Antivirus | Trojan.Win32.Generic | 39184
Zillya! Antivirus | Trojan.OnLineGames.Win32.90643 | 2.0.0.2132

File size:
672 KB (688,128 bytes)

Common path:
C:\users\{user}\downloads\dfea2e4082b7e846843aa96d8c0929a0.pe

File PE Metadata
Compilation timestamp:
7/2/2010 1:17:15 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.56

CTPH (ssdeep):
12288:kmjwIqyozf4HtE+ybAmvi8+etWxoFBGnaxQ0dwhs4VTccA3Gyd2WcEiP/3IWVJ/v:kmjwIqyozf4HtVeoFnaxQ0Xs/

Entry address:
0x1240

Entry point:
55, 89, E5, 83, EC, 08, C7, 04, 24, 02, 00, 00, 00, FF, 15, 84, 23, 45, 00, E8, A8, FE, FF, FF, 90, 8D, B4, 26, 00, 00, 00, 00, 55, 8B, 0D, C4, 23, 45, 00, 89, E5, 5D, FF, E1, 8D, 74, 26, 00, 55, 8B, 0D, AC, 23, 45, 00, 89, E5, 5D, FF, E1, 90, 90, 90, 90, 55, 89, E5, 5D, E9, 67, 11, 01, 00, 90, 90, 90, 90, 90, 90, 90, 55, 89, E5, 83, EC, 28, 8B, 45, 10, 89, 04, 24, E8, A7, 92, 01, 00, 48, 89, 45, FC, 8B, 45, 0C, 48, 89, 45, F4, 8D, 45, F4, 89, 44, 24, 04, 8D, 45, FC, 89, 04, 24, E8, 3A, 22, 04, 00, 8B, 00...

Entropy:
5.1746

Packer / compiler:
MingWin32

Code size:
281 KB (287,744 bytes)

Remove dfea2e4082b7e846843aa96d8c0929a0.pe - Powered by Reason Core Security