» e54fe795eabb761d1396885fe84ebcb0.pe
Overview
Analysis
File Details

e54fe795eabb761d1396885fe84ebcb0.pe

Conait iente

Thof or ssint

The file e54fe795eabb761d1396885fe84ebcb0.pe, “Meste on ndin only” has been detected as malware by 36 anti-virus scanners. According to AVG, this software downloads additional adware offers during setup.

File name:

Publisher:

Thof or ssint

Product:

Conait iente

Description:

Meste on ndin only

Version:

4, 2, 1, 1

MD5:

e54fe795eabb761d1396885fe84ebcb0

SHA-1:

41eec42f07159a64f8fb105a42c79d68e165a9e0

SHA-256:

1f1e360749eea2b45dae510fa4203e6a1e14663267a95f6354d8f22a61aaedae

Scanner detections:

36 / 68

Status:

Malware

Analysis date:

4/24/2024 11:15:06 PM UTC (a few moments ago)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.Swizzor.Gen.6

658

Agnitum Outpost

Trojan.Swizzor

7.1.1

AhnLab V3 Security

Win-Trojan/Swizzor.823296.KB

2015.03.23

Avira AntiVirus

TR/Dldr.Swizzor.Gen

7.11.219.52

avast!

Win32:SwizBased-gen [Trj]

2014.9-150418

AVG

Downloader.Swizzor

2016.0.3136

Baidu Antivirus

Trojan.Win32.Swizzor

4.0.3.15418

Bitdefender

Trojan.Swizzor.Gen.6

1.0.20.540

Bkav FE

HW32.Packed

1.3.0.6379

Comodo Security

TrojWare.Win32.TrojanDownloader.Swizzor.Gen

21508

Dr.Web

Trojan.Swizzor.based

9.0.1.0108

Emsisoft Anti-Malware

Trojan.Swizzor.Gen

8.15.04.18.08

ESET NOD32

Win32/TrojanDownloader.Swizzor.NBF (variant)

9.11361

Fortinet FortiGate

W32/Swizzor.fam!tr

4/18/2015

F-Prot

W32/Swizzor.D!Generic

v6.4.7.1.166

F-Secure

Trojan.Swizzor.Gen.6

11.2015-18-04_7

G Data

Trojan.Swizzor.Gen

15.4.25

IKARUS anti.virus

Trojan.Win32.Obfuscated

t3scan.1.8.6.0

K7 AntiVirus

Backdoor

13.202.15346

Kaspersky

Trojan.Win32.Swizzor

14.0.0.2173

McAfee

Swizzor.gen.g

5600.6792

Microsoft Security Essentials

Trojan:Win32/C2Lop.N

1.1.11400.0

MicroWorld eScan

Trojan.Swizzor.Gen.6

16.0.0.324

NANO AntiVirus

Trojan.Win32.Swizzor.dpgjqs

0.30.8.659

Norman

Heur.I

11.20150418

nProtect

Trojan.Swizzor.Gen.6

15.03.20.01

Panda Antivirus

Trj/Swizzor.S

15.04.18.08

Qihoo 360 Security

Malware.Radar01.Gen

1.0.0.1015

Quick Heal

Win32.Trojan.Swizzor.b.4

4.15.14.00

Sophos

Mal/Swizzor-K

4.98

Trend Micro House Call

TROJ_GEN.R27E1AB

7.2.108

Trend Micro

TROJ_GEN.R27E1AB

10.465.18

Vba32 AntiVirus

BScope.Trojan.BugsWay.H.Obfs

3.12.26.3

VIPRE Antivirus

Trojan.Win32.Swizzor.Gen

38686

ViRobot

Trojan.Win32.A.Swizzor.823296.R[h]

2014.3.20.0

Zillya! Antivirus

Trojan.Swizzor.Win32.163739

2.0.0.2111

File size:

804 KB (823,296 bytes)

Product version:

4, 2, 1, 1

Kiside a agib.

Original file name:

Asohat.exe

Language:

English (United States)

Common path:

C:\users\{user}\downloads\e54fe795eabb761d1396885fe84ebcb0.pe

File PE Metadata

Compilation timestamp:

12/26/2007 11:37:02 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

7.10

CTPH (ssdeep):

24576:5uS1aWGwxh6Tm8wTdVgteBpkVvb5yN307yFp7EYfh7:cYaWj6o/gtakTEB

Entry address:

0x1049

Entry point:

6A, 60, 68, 78, 8E, 47, 00, E8, 8F, 02, 00, 00, BF, 94, 00, 00, 00, 8B, C7, E8, EF, 64, 01, 00, 89, 65, E8, 8B, F4, 89, 3E, 56, FF, 15, C8, 99, 41, 00, 8B, 4E, 10, 89, 0D, 2C, 82, 49, 00, 8B, 46, 04, A3, 38, 82, 49, 00, 8B, 56, 08, 89, 15, 3C, 82, 49, 00, 8B, 76, 0C, 81, E6, FF, 7F, 00, 00, 89, 35, 30, 82, 49, 00, 83, F9, 02, 74, 0C, 81, CE, 00, 80, 00, 00, 89, 35, 30, 82, 49, 00, C1, E0, 08, 03, C2, A3, 34, 82, 49, 00, 33, F6, 56, 8B, 3D, 14, 98, 41, 00, FF, D7, 66, 81, 38, 4D, 5A, 75, 1F, 8B, 48, 3C, 03... 
[+]

Entropy:

7.7552

Developed / compiled with:

Microsoft Visual C++ v7.0

Code size:

96 KB (98,304 bytes)

Remove e54fe795eabb761d1396885fe84ebcb0.pe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.