» ecb0b3b0d2fca14f19da0cb17b5a2520.pe
Overview
Analysis
File Details

ecb0b3b0d2fca14f19da0cb17b5a2520.pe

THANHMINH

The file ecb0b3b0d2fca14f19da0cb17b5a2520.pe has been detected as malware by 37 anti-virus scanners.

File name:

Product:

THANHMINH

Version:

1.00

MD5:

ecb0b3b0d2fca14f19da0cb17b5a2520

SHA-1:

52d162d38ef70319d82a310e6c8adbf2ab4a11c4

SHA-256:

2d5ec10a74a87cc314a1af86da55c99148cfcb6e48616e1204cf307be908bb11

Scanner detections:

37 / 68

Status:

Malware

Analysis date:

4/20/2024 2:38:59 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Win32.Worm.VB.NWW

658

Agnitum Outpost

Worm.VB

7.1.1

AhnLab V3 Security

HEUR/Fakon.mwf

2015.04.06

avast!

Win32:VB-KQF [Wrm]

2014.9-150418

AVG

Worm/VB

2016.0.3136

Baidu Antivirus

Worm.Win32.VB

4.0.3.15418

Bitdefender

Win32.Worm.VB.NWW

1.0.20.540

Comodo Security

Worm.Win32.Autorun.JP0

21663

Dr.Web

Worm.Siggen.5470

9.0.1.0108

Emsisoft Anti-Malware

Win32.Worm.VB.NWW

8.15.04.18.09

ESET NOD32

Win32/AutoRun.VB.AJN (variant)

9.11430

Fortinet FortiGate

W32/VB.AKU!worm

4/18/2015

F-Prot

W32/VBTrojan.17E

v6.4.7.1.166

F-Secure

Win32.Worm.VB.NWW

11.2015-18-04_7

G Data

Win32.Worm.VB.NWW

15.4.25

IKARUS anti.virus

Worm.Win32.VB

t3scan.1.8.9.0

K7 AntiVirus

Trojan

13.202.15489

Kaspersky

Worm.Win32.VB

14.0.0.2173

Malwarebytes

Trojan.Crypt

v2015.04.18.09

McAfee

Suspect-BQ!ECB0B3B0D2FC

5600.6792

Microsoft Security Essentials

Trojan:Win32/Vhorse.CV

1.1.11502.0

MicroWorld eScan

Win32.Worm.VB.NWW

16.0.0.324

NANO AntiVirus

Trojan.Win32.VB.oopw

0.30.8.659

Norman

Obfuscated.CD!genr

11.20150418

nProtect

Win32.Worm.VB.NWW

15.04.03.01

Panda Antivirus

Trj/Genetic.gen

15.04.18.09

Qihoo 360 Security

Win32/Worm.afe

1.0.0.1015

Quick Heal

Worm.VB.HA2

4.15.14.00

Rising Antivirus

PE:Worm.VobfusEx!1.99E4

23.00.65.15416

Sophos

Mal/Veneb-A

4.98

SUPERAntiSpyware

Trojan.Agent/Gen-Crypt

9928

Total Defense

Win32/Vobfus.L!generic

37.0.11533

Trend Micro House Call

Suspicious_GEN.F47V0331

7.2.108

Trend Micro

Possible_Otorun8

10.465.18

Vba32 AntiVirus

SScope.Trojan.VBO.0292

3.12.26.3

VIPRE Antivirus

Trojan.Win32.Generic.pak!cobra

39098

Zillya! Antivirus

Worm.VB.Win32.16252

2.0.0.2128

File size:

284 KB (290,816 bytes)

Product version:

1.00

Original file name:

task.exe

Language:

English (United States)

Common path:

C:\users\{user}\downloads\ecb0b3b0d2fca14f19da0cb17b5a2520.pe

File PE Metadata

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.0

CTPH (ssdeep):

3072:aaDAC7C1mourL2xjURHppSYVdBajLpQy6EIy:PEHZxQRHppSYViyFy

Entry address:

0x122C

Entry point:

68, CC, A8, 40, 00, E8, EE, FF, FF, FF, 00, 00, 48, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 15, A1, 84, 51, 88, 08, 6E, 46, BC, 96, E1, 00, 88, 2C, 82, 67, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 50, 72, 6F, 6A, 65, 63, 74, 31, 00, 00, 00, 00, 00, 00, 00, 00, 00, 51, 2B, 01, E0, 20, 29, 01, 00, 00, 00, 00, 90, 00, 00, 00, 00, 00, 00, 00, 02, 00, 00, 00, 0A, 00, 00, 00, 1E, DC, 0A, 5D, 46, 97, 02, 42, AB, AB, 11, AB, 3B, A6, 4E, FB, 01, 00, 00, 00, 98, 00, 00, 00... 
[+]

Entropy:

4.0227

Developed / compiled with:

Microsoft Visual Basic v5.0

Code size:

144 KB (147,456 bytes)

Remove ecb0b3b0d2fca14f19da0cb17b5a2520.pe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.