f2f5c3c9d1457777b269d09823490180.pe

The file f2f5c3c9d1457777b269d09823490180.pe has been detected as malware by 35 anti-virus scanners.
MD5:
f2f5c3c9d1457777b269d09823490180

SHA-1:
95ac6bb65bab7e6e193c00c6de04c4478986d926

SHA-256:
4faa327fc0803786895d6ce0be7eaa96af17d551537372973add4c0da7d0f13f

Scanner detections:
35 / 68

Status:
Malware

Analysis date:
4/25/2024 8:39:54 AM UTC

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Trojan.Obfus.3.Gen
658

AhnLab V3 Security
Trojan/Win32.Demp
2015.01.22

Avira AntiVirus
TR/Crypt.XPACK.Gen7
7.11.204.50

avast!
Win32:VirLock
2014.9-150418

AVG
Win32/Cryptor
2016.0.3136

Baidu Antivirus
Virus.Win32.PolyRansom
4.0.3.15418

Bitdefender
Trojan.Obfus.3.Gen
1.0.20.540

Clam AntiVirus
BC.Heuristic.Trojan.SusPacked.BF-6.C
0.98/21511

Comodo Security
Packed.Win32.Graybird.B
20801

Dr.Web
Win32.VirLock.1
9.0.1.0108

Emsisoft Anti-Malware
Trojan.Obfus.3.Gen
8.15.04.18.09

ESET NOD32
Win32/Virlock (variant)
9.11054

F-Prot
W32/S-43a675a7
v6.4.7.1.166

F-Secure
Trojan.Obfus.3.Gen
11.2015-18-04_7

G Data
Trojan.Obfus.3.Gen
15.4.24

IKARUS anti.virus
Virus-Ransom.FileLocker
t3scan.1.8.6.0

K7 AntiVirus
Virus
13.191.14713

Kaspersky
Virus.Win32.PolyRansom
14.0.0.2173

Malwarebytes
Trojan.Agent.RND1Gen
v2015.04.18.09

McAfee
W32/VirRansom
5600.6792

Microsoft Security Essentials
Virus:Win32/Nabucur.A
1.11302

MicroWorld eScan
Trojan.Obfus.3.Gen
16.0.0.324

NANO AntiVirus
Trojan.Win32.Kryptik.djtwta
0.30.0.64812

Norman
PolyRansom.A
11.20150418

nProtect
Trojan.Obfus.3.Gen
15.01.22.01

Panda Antivirus
Generic Suspicious
15.04.18.09

Qihoo 360 Security
Malware.Radar01.Gen
1.0.0.1015

Quick Heal
Ransom.VirLock.A2
4.15.14.00

Rising Antivirus
PE:Malware.FakeDOC@CV!1.9C3B
23.00.65.15416

Sophos
W32/VirRnsm-A
4.98

Total Defense
Win32/Nabucur.A
37.0.11397

Trend Micro House Call
PE_VIRLOCK.F
7.2.108

Trend Micro
PE_VIRLOCK.F
10.465.18

VIPRE Antivirus
Virus.Win32.Nabucur.a
36874

ViRobot
Trojan.Win32.S.Agent.233984.BL[h]
2014.3.20.0

File size:
228.5 KB (233,984 bytes)

Common path:
C:\users\{user}\downloads\f2f5c3c9d1457777b269d09823490180.pe

File PE Metadata
OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.12

CTPH (ssdeep):
6144:iZG5c1yGM5fGB9RTB1rrGNdz+tNmnq1ZHOA3:l8W5OB1rrntNkodOA3

Entry address:
0x32E3C

Entry point:
BB, 5C, 78, 0A, 00, BA, 20, 21, 08, 00, 81, EB, 4B, 7B, 0E, 00, 81, EA, FC, B0, 03, 00, 81, C3, 43, 98, 06, 00, 81, EA, 9C, 7F, 03, 00, 81, EB, 91, DD, 05, 00, 81, C2, C1, 4F, 01, 00, 81, C3, BC, 75, 0C, 00, 81, C2, 7C, 52, 07, 00, 81, C3, 00, A3, 08, 00, 81, C2, C1, A7, 01, 00, 81, C3, A0, A7, 08, 00, 81, EA, C1, B1, 01, 00, 81, C3, C1, B7, 01, 00, 81, C2, A0, A8, 08, 00, 81, EB, C1, C1, 01, 00, 81, C2, C0, A5, 08, 00, 81, C3, A0, A5, 08, 00, 81, C2, 00, A6, 08, 00, 81, C3, C1, 97, 01, 00, 81, EA, 91, 7D...
 

Entropy:
7.6600

Code size:
223.5 KB (228,864 bytes)
