ed4bdf5219d7b20de6547533f76bccf0.pe

The file ed4bdf5219d7b20de6547533f76bccf0.pe has been detected as malware by 38 anti-virus scanners.
MD5: ed4bdf5219d7b20de6547533f76bccf0
SHA-1: ae33df669f11365c5eb54c28207cefd77961df0b
SHA-256: 0863087069ea1df266238fc85d91facf6bc3e047d3722682873bdd01ba638255
Scanner detections: 38 / 68
Status: Malware
Analysis date: 4/25/2024 8:25:43 PM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Gen:Variant.Zusy.121330 | 658
Agnitum Outpost | Trojan.DL.Zortob | 7.1.1
AhnLab V3 Security | Malware/Win32.Generic | 2015.01.15
Avira AntiVirus | TR/Dldr.Zortob.alons | 7.11.201.100
avast! | Win32:GenMalicious-IHB [Trj] | 2014.9-150418
AVG | Crypt3 | 2016.0.3136
Bitdefender | Gen:Variant.Zusy.121330 | 1.0.20.540
Comodo Security | TrojWare.Win32.TrojanDownloader.Zortob.ALON | 21455
Dr.Web | BackDoor.Kuluoz.68 | 9.0.1.0108
Emsisoft Anti-Malware | Gen:Variant.Zusy.121330 | 8.15.04.18.09
ESET NOD32 | Win32/TrojanDownloader.Zortob.F trojan | 9.7.0.302.0
Fortinet FortiGate | W32/Kryptik.CVSR!tr | 4/18/2015
F-Prot | W32/S-5a305fa3 | v6.4.7.1.166
F-Secure | Gen:Variant.Zusy.121330 | 11.2015-18-04_7
G Data | Gen:Variant.Zusy.121330 | 15.4.24
IKARUS anti.virus | Trojan.Win32.Inject | t3scan.1.8.6.0
K7 AntiVirus | Trojan-Downloader | 13.191.14645
Kaspersky | Trojan.Win32.Inject | 14.0.0.2173
McAfee | Trojan.Downloader-FAII!374BEE49F6CE | 5600.6792
Microsoft Security Essentials | Threat.Undefined | 1.197.343.0
MicroWorld eScan | Gen:Variant.Zusy.121330 | 16.0.0.324
NANO AntiVirus | Trojan.Win32.Inject.dlnfua | 0.30.0.64448
Norman | Kuluoz.MF | 11.20150418
nProtect | Trojan/W32.Inject.120320.K | 15.04.17.01
Panda Antivirus | Trj/Genetic.gen | 15.04.18.09
Qihoo 360 Security | Win32/Trojan.8e4 | 1.0.0.1015
Quick Heal | Trojan.Inject.r5 | 4.15.14.00
Reason Heuristics | Threat.Win.Reputation.IMP | 15.4.20.1
Rising Antivirus | PE:Trojan.Win32.Generic.17E3C62F!400803375 | 23.00.65.15416
Sophos | Mal/Generic-S | 4.98
SUPERAntiSpyware | Trojan.Agent/Gen-Injector | 9925
Total Defense | Win32/Kuluoz.HYdFGDB | 37.0.11386
Trend Micro House Call | BKDR_KULUOZ.SM20 | 7.2.108
Trend Micro | TROJ_GEN.F0C2C00AD15 | 10.465.18
Vba32 AntiVirus | Trojan.Inject | 3.12.26.3
VIPRE Antivirus | Threat.4150696 | 39354
Zillya! Antivirus | Trojan.Inject.Win32.125820 | 2.0.0.2035

File size: 117.5 KB (120,320 bytes)
Common path: C:\users\{user}\downloads\ed4bdf5219d7b20de6547533f76bccf0.pe

File PE Metadata
Compilation timestamp: 12/30/2014 5:19:29 AM
OS version: 5.0
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 9.0
CTPH (ssdeep): 3072:1FuWJIG1Ki5XvfM3IgWdvnZrg8bG8XjMLN:1AQIYTX4TWdPZrg8y/N
Entry address: 0x115E
Entry point: E8, 34, 1C, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, 60, 7D, F2, 01, E8, 4C, 21, 00, 00, E8, 01, 1E, 00, 00, 0F, B7, F0, 6A, 02, E8, C7, 1B, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, F1, 01, 74, 04, 33, DB, EB, 33, A1, 3C, 00, F1, 01, 81, B8, 00, 00, F1, 01, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, F1, 01, 75, DD, 33, DB, 83, B8, 74, 00, F1, 01, 0E, 76, 09, 39, 98, E8, 00, F1, 01, 0F, 95, C3, 89, 5D, E4, E8, 83, 08, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8...
Entropy: 6.8069
Code size: 75 KB (76,800 bytes)
