» e4c91af8c2592fad5561724a581d7110.pe
Overview
Analysis
File Details

e4c91af8c2592fad5561724a581d7110.pe

The file e4c91af8c2592fad5561724a581d7110.pe has been detected as a potentially unwanted program by 36 anti-malware scanners.

File name:

MD5:

e4c91af8c2592fad5561724a581d7110

SHA-1:

3926f3f9486e17c395af87da5dd31233f4b4aba1

SHA-256:

81d15e0fa7574fdc656577b3e5450cfca73de87fc1707c47c6d7110e5d7d42d0

Scanner detections:

36 / 68

Status:

Potentially unwanted

Analysis date:

4/26/2024 9:09:54 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Worm.Generic.270129

658

AhnLab V3 Security

Dropper/Win32.Rootkit

2015.04.06

Avira AntiVirus

TR/Hijacker.Gen

3.6.1.96

avast!

Win32:GenMalicious-BKH [Trj]

2014.9-150418

AVG

Generic18

2016.0.3136

Baidu Antivirus

Worm.Win32.AntiAV

4.0.3.15418

Bitdefender

Worm.Generic.270129

1.0.20.540

Bkav FE

W32.HfsAutoB

1.3.0.6379

Clam AntiVirus

Win.Trojan.Agent-387181

0.98/21511

Comodo Security

TrojWare.Win32.Antiav.stki

21663

Dr.Web

Win32.HLLW.Autoruner.45676

9.0.1.0108

Emsisoft Anti-Malware

Worm.Generic.270129

8.15.04.18.08

ESET NOD32

Win32/AutoRun.AntiAV (variant)

9.11430

Fortinet FortiGate

W32/Injector.fam!tr

4/18/2015

F-Prot

W32/SmallTrojan.A.gen

v6.4.7.1.166

F-Secure

Worm.Generic.270129

11.2015-18-04_7

G Data

Worm.Generic.270129

15.4.25

IKARUS anti.virus

Trojan-PWS.Win32.QQPass

t3scan.1.8.9.0

K7 AntiVirus

P2PWorm

13.202.15489

Kaspersky

HEUR:Trojan.Win32.Generic

14.0.0.2173

McAfee

Artemis!E4C91AF8C259

5600.6792

Microsoft Security Essentials

Trojan:Win32/Killav.GL

1.1.11502.0

MicroWorld eScan

Worm.Generic.270129

16.0.0.324

NANO AntiVirus

Trojan.Win32.Hijacker.bxjnc

0.30.8.659

Norman

Killav.BPLK

11.20150418

nProtect

Worm.Generic.270129

15.04.03.01

Panda Antivirus

Generic Malware

15.04.18.08

Qihoo 360 Security

HEUR/QVM05.1.Malware.Gen

1.0.0.1015

Quick Heal

Trojan.Killav.GL9

4.15.14.00

Rising Antivirus

PE:Trojan.Killav!1.9EAB

23.00.65.15416

Sophos

Mal/Dorf-A

4.98

Total Defense

Win32/Small.G!generic

37.0.11533

Trend Micro House Call

Suspicious_GEN.F47V0331

7.2.108

Trend Micro

WORM_ANTIAV.SMI

10.465.18

Vba32 AntiVirus

MalwareScope.Trojan-PSW.Game.16

3.12.26.3

VIPRE Antivirus

TrojanDropper.Win32.Small.GL

39098

File size:

44.5 KB (45,527 bytes)

Common path:

C:\users\{user}\downloads\e4c91af8c2592fad5561724a581d7110.pe

File PE Metadata

Compilation timestamp:

6/19/1992 3:22:17 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

768:/HKxkCiK/GbGpWbMqUWS8ZsbfOlLWHbCSEOoQEm:/08K/nWbMqUdRbfSa7CC

Entry address:

0x4FAC

Entry point:

55, 8B, EC, B9, 07, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, 53, B8, EC, 4E, 40, 00, E8, 96, D7, FF, FF, 33, C0, 55, 68, 43, 51, 40, 00, 64, FF, 30, 64, 89, 20, 7C, 03, EB, 01, E8, E8, 02, DA, FF, FF, E8, 04, 00, 00, 00, E8, EB, 0C, E8, 58, EB, 01, E8, 40, EB, 01, E8, FF, E0, E8, E8, 04, 00, 00, 00, E8, EB, 0C, E8, 58, EB, 01, E8, 40, EB, 01, E8, FF, E0, E8, E8, 04, 00, 00, 00, E8, EB, 0C, E8, 58, EB, 01, E8, 40, EB, 01, E8, FF, E0, E8, 51, 31, C9, 67, E3, 01, E8, 59, E8, 04, 00, 00, 00, E8, EB, 0C, E8, 58... 
[+]

Entropy:

6.3391

Developed / compiled with:

Microsoft Visual C++

Code size:

16.5 KB (16,896 bytes)

Remove e4c91af8c2592fad5561724a581d7110.pe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.