home

vkontaktedjd.exe

Vkontakte DJ Installer

The application vkontaktedjd.exe has been detected as a potentially unwanted program by 11 anti-malware scanners. This is a self-extracting archive and installer, however the file is not signed with an authenticode signature from a trusted source. The file has been seen being downloaded from grot.appsflybeta.biz and multiple other hosts.
Product:
Vkontakte DJ Installer

Version:
1.9.1.25

MD5:
20e6d48625868682cd04f31206b59399

SHA-1:
00750920ea5c201494b5b58a5e599cfe3aa4bf70

SHA-256:
098afda7680cb8903a18656f817a280c3d25012fed76a9a3bc17da5da94c0e87

Scanner detections:
11 / 68

Status:
Potentially unwanted

Analysis date:
4/28/2024 2:32:20 PM UTC  (today)

Scan engine
Detection
Engine version

Baidu Antivirus
PUA.MSIL.VKontakteDJ
4.0.3.16211

Dr.Web
Program.VKontakteDJ.9
9.0.1.042

ESET NOD32
MSIL/VKontakteDJ.A potentially unwanted (variant)
10.12773

Fortinet FortiGate
Riskware/VKontakteDJ
2/11/2016

G Data
Win32.Trojan.Agent.IQGTUH
16.2.25

K7 AntiVirus
Adware
13.212.18217

Kaspersky
not-a-virus:Downloader.MSIL.VKontakteDJ
14.0.0.677

McAfee
Artemis!20E6D4862586
5600.6492

Panda Antivirus
Generic Suspicious
16.02.11.02

Sophos
Vkontakte DJLoader (PUA)
4.98

VIPRE Antivirus
Trojan.Win32.Generic
46052

File size:
563.5 KB (577,024 bytes)

Product version:
1.9.1.25

Copyright:
Copyright © 2015

Original file name:
DjLoader.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\vkontaktedjd.exe

File PE Metadata
Compilation timestamp:
11/10/2015 3:31:34 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:G6nBtFB4P7qsKQ0jnAt4BknkA3F2nz2scSBtFC:xnJB4DBKQ0jnpBknk62CsTJC

Entry address:
0x6AF4E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
420 KB (430,080 bytes)

The file vkontaktedjd.exe has been seen being distributed by the following 2 URLs.

http://grot.appsflybeta.biz/sakr21.html??group=vkdjsite&name=-undefined&parameter=btn22

http://appdrivestorage.biz/.../ZWMwMDAxMDA2NzAwMDM4YjAwMDAwMzllMDAwMzllMDAwMzllYTgwMzQyZDM4MQ==

Remove vkontaktedjd.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.