» windows 10 keys.exe
Overview
Analysis
File Details

windows 10 keys.exe

The application windows 10 keys.exe has been detected as a potentially unwanted program by 31 anti-malware scanners. This backdoor trojan may be used to conduct distributed denial of service attacks, or used to install additional trojans or other forms of malicious software as well as can steal your sensitive information.

File name:

windows 10 keys.exe

MD5:

480081af5e7ddda62b6c6d53b05bbee3

SHA-1:

3fb69900335884c7f888529f0d43dbd5c1b073a0

SHA-256:

034b6b130910be77f2666742ed4ad8b94f5d0b16b515e85491aeaf9d00743886

Scanner detections:

31 / 68

Status:

Potentially unwanted

Analysis date:

4/19/2024 2:49:30 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Dropped:Trojan.GenericKD.2615188

517

Agnitum Outpost

Trojan.Disfa

7.1.1

Avira AntiVirus

TR/AD.Bladabindi.Y.1010

8.3.1.6

Arcabit

Trojan.Generic.D27E794

1.0.0.425

avast!

MSIL:Zbot-X [Trj]

2014.9-150905

AVG

Atros

2016.0.2995

Baidu Antivirus

Adware.MSIL.iBryte

4.0.3.1595

Bitdefender

Dropped:Trojan.GenericKD.2615188

1.0.20.1240

Bkav FE

HW32.Packed

1.3.0.7062

Emsisoft Anti-Malware

Dropped:Trojan.GenericKD.2615188

8.15.09.05.03

ESET NOD32

MSIL/Kryptik.BJA (variant)

9.12075

Fortinet FortiGate

MSIL/Kryptik.BJA!tr

9/5/2015

F-Secure

Dropped:Trojan.GenericKD.2615188

11.2015-05-09_7

G Data

Dropped:Trojan.GenericKD.2615188

15.9.25

IKARUS anti.virus

Trojan.MSIL.Crypt

t3scan.1.9.5.0

K7 AntiVirus

Trojan

13.207.16845

Kaspersky

Trojan.MSIL.Disfa

14.0.0.1472

Malwarebytes

Trojan.Agent.DTH

v2015.09.05.03

McAfee

RDN/Generic BackDoor

5600.6651

Microsoft Security Essentials

Backdoor:MSIL/Bladabindi.AJ

1.1.11903.0

MicroWorld eScan

Dropped:Trojan.GenericKD.2615188

16.0.0.744

NANO AntiVirus

Trojan.Win32.Disfa.duwpzy

0.30.24.3079

nProtect

Dropped:Trojan.GenericKD.2615188

15.08.11.01

Panda Antivirus

Trj/CI.A

15.09.05.03

Qihoo 360 Security

Win32/Trojan.BO.8fb

1.0.0.1015

Quick Heal

Backdoor.BLA.r3

9.15.14.00

Rising Antivirus

PE:Trojan.Win32.Generic.18EA15BB!417994171

23.00.65.15903

Sophos

Mal/Generic-S

4.98

SUPERAntiSpyware

Trojan.Agent/Gen-Kryptik

9648

Trend Micro

TROJ_GEN.R0C1C0CH815

10.465.05

VIPRE Antivirus

Trojan.Win32.Generic

42790

File size:

247.1 KB (253,080 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\appdata\local\temp\windows 10 keys.exe

File PE Metadata

Compilation timestamp:

3/31/2007 5:09:55 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

6144:0R7d9sjKotgCNShSmbiTGjJNB27J6DSii6jv6nbg6K:KsjKANn6iK7B2dziPDQbgR

Entry address:

0x315D

Entry point:

55, 8B, EC, 81, EC, 80, 01, 00, 00, 53, 56, 33, DB, 57, 89, 5D, F4, C7, 45, F8, 30, 92, 40, 00, 89, 5D, FC, C6, 45, EC, 20, FF, 15, 30, 70, 40, 00, 53, FF, 15, 70, 72, 40, 00, A3, D0, F0, 42, 00, 53, 8D, 85, 80, FE, FF, FF, 68, 60, 01, 00, 00, 50, 53, 68, 40, 94, 42, 00, FF, 15, 54, 71, 40, 00, 68, 24, 92, 40, 00, 68, 20, E8, 42, 00, E8, EE, 27, 00, 00, FF, 15, B0, 70, 40, 00, BE, 00, 50, 43, 00, 50, 56, E8, DC, 27, 00, 00, 53, FF, 15, 08, 71, 40, 00, 80, 3D, 00, 50, 43, 00, 22, A3, 20, F0, 42, 00, 8B, C6... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

23 KB (23,552 bytes)

Remove windows 10 keys.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.