e7797d14530990e04bc9b787eeb12060.pe

The file e7797d14530990e04bc9b787eeb12060.pe has been detected as malware by 34 anti-virus scanners.
MD5:
e7797d14530990e04bc9b787eeb12060

SHA-1:
31104ce909b4b6f79ecd618851e555e418f8bd96

SHA-256:
570dca8e5a9d4c7c920a16aea0ab313dc5ae9df8861aad5433cdd1b11b405114

Scanner detections:
34 / 68

Status:
Malware

Analysis date:
4/23/2024 6:57:18 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Trojan.Obfus.3.Gen | 658 |
| AhnLab V3 Security | Trojan/Win32.Agent | 2015.01.22 |
| Avira AntiVirus | TR/Crypt.XPACK.Gen | 7.11.204.50 |
| avast! | Win32:VirLock | 2014.9-150418 |
| AVG | Win32/Cryptor | 2016.0.3136 |
| Baidu Antivirus | Virus.Win32.PolyRansom | 4.0.3.15418 |
| Bitdefender | Trojan.Obfus.3.Gen | 1.0.20.540 |
| Comodo Security | Packed.Win32.Graybird.B | 20801 |
| Dr.Web | Win32.VirLock.1 | 9.0.1.0108 |
| Emsisoft Anti-Malware | Trojan.Obfus.3.Gen | 8.15.04.18.09 |
| ESET NOD32 | Win32/Virlock (variant) | 9.11054 |
| F-Prot | W32/S-7136ec3b | v6.4.7.1.166 |
| F-Secure | Trojan.Obfus.3.Gen | 11.2015-18-04_7 |
| G Data | Trojan.Obfus.3.Gen | 15.4.24 |
| IKARUS anti.virus | Virus-Ransom.FileLocker | t3scan.1.8.6.0 |
| K7 AntiVirus | Virus | 13.191.14713 |
| Kaspersky | Virus.Win32.PolyRansom | 14.0.0.2173 |
| Malwarebytes | Trojan.VirLock | v2015.04.18.09 |
| McAfee | W32/VirRansom | 5600.6792 |
| Microsoft Security Essentials | Virus:Win32/Nabucur.gen!A | 1.11302 |
| MicroWorld eScan | Trojan.Obfus.3.Gen | 16.0.0.324 |
| NANO AntiVirus | Trojan.Win32.Kryptik.djtwta | 0.30.0.64812 |
| Norman | PolyRansom.A | 11.20150418 |
| nProtect | Trojan.Obfus.3.Gen | 15.01.22.01 |
| Panda Antivirus | Generic Suspicious | 15.04.18.09 |
| Qihoo 360 Security | Malware.Radar01.Gen | 1.0.0.1015 |
| Quick Heal | Ransom.VirLock.A2 | 4.15.14.00 |
| Rising Antivirus | PE:Malware.XPACK-LNR/Heur!1.5594 | 23.00.65.15416 |
| Sophos | W32/VirRnsm-A | 4.98 |
| Total Defense | Win32/Nabucur.A | 37.0.11397 |
| Trend Micro House Call | PE_VIRLOCK.F | 7.2.108 |
| Trend Micro | PE_VIRLOCK.F | 10.465.18 |
| VIPRE Antivirus | Virus.Win32.Nabucur.a | 36874 |
| ViRobot | Trojan.Win32.S.Agent.221696.AY[h] | 2014.3.20.0 |

File size:
216.5 KB (221,696 bytes)

Common path:
C:\users\{user}\downloads\e7797d14530990e04bc9b787eeb12060.pe

File PE Metadata
OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.12

CTPH (ssdeep):
3072:aJndb8GAfZ2ecawoLL1QjseLTEILNUyiYPmzGMojzV2G4tSBr+Nr5HO4eJAG232:aJn92Me6oLpofE+Nqwi0cr5HO4AM2

Entry address:
0x31C00

Entry point:
B9, 20, A7, 0D, 00, BB, 3D, 93, 05, 00, 81, E9, 51, 34, 0D, 00, 81, EB, D5, 2E, 09, 00, 81, E9, CB, E7, 05, 00, 81, EB, FD, B7, 08, 00, 81, C1, DA, 2E, 09, 00, 81, EB, 29, 28, 07, 00, 81, C1, BD, 51, 05, 00, 81, C3, 85, EF, 07, 00, 81, C1, 65, 04, 37, 00, 81, EB, 0F, 49, 5E, 54, 89, 19, BA, 6B, 28, 07, 00, BE, D1, 56, 08, 00, 81, EA, 51, A9, 0B, 00, 81, EE, FD, 6F, 00, 00, 81, C2, 1C, 27, 0B, 00, 81, EE, DC, 97, 0E, 00, 81, EA, 5C, C7, 0B, 00, 81, C6, 40, B2, 0D, 00, 81, EA, 3D, 73, 04, 00, 81, C6, 1C, 25...
 

Entropy:
7.6931

Code size:
216 KB (221,184 bytes)
