» wn2t1n5f.exe
Overview
Analysis
File Details

wn2t1n5f.exe

Repeat

Basis stomach TV - www.Repeat.com

The executable wn2t1n5f.exe, “Eddy review tonight anybody” has been detected as malware by 22 anti-virus scanners.

File name:

wn2t1n5f.exe

Publisher:

Basis stomach TV - www.Repeat.com

Product:

Repeat

Description:

Eddy review tonight anybody

Version:

1.0.0.3

MD5:

de505a167d3b69c25b641bbb77b250d0

SHA-1:

ea0531eafa08fad516743054afe95dd8bb4d430b

SHA-256:

599431c18d159b17a2b668d922a1b5175f20bd012e509b4a4204b39bc74cca71

Scanner detections:

22 / 68

Status:

Malware

Analysis date:

4/25/2024 9:02:58 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Zusy.119071

6184438

AhnLab V3 Security

Trojan/Win32.MDA

2014.12.19

avast!

Win32:Malware-gen

141214-1

AVG

Inject2

2015.0.3256

Baidu Antivirus

Trojan.Win32.Ransom

4.0.3.141218

Bitdefender

Gen:Variant.Zusy.119071

1.0.20.1760

Emsisoft Anti-Malware

Gen:Variant.Zusy.119071

9.0.0.4668

ESET NOD32

Win32/Injector.BRLL trojan

7.0.302.0

Fortinet FortiGate

W32/Yakes.HXZT!tr

12/18/2014

F-Secure

Gen:Variant.Zusy.119071

5.13.68

G Data

Gen:Variant.Zusy.119071

14.12.24

Kaspersky

Trojan.Win32.Yakes

15.0.0.543

Malwarebytes

Trojan.Agent.DED

v2014.12.18.11

McAfee

Trojan.Artemis!DE505A167D3B

16.8.708.2

Microsoft Security Essentials

Threat.Undefined

1.191.312.0

MicroWorld eScan

Gen:Variant.Zusy.119071

15.0.0.1056

Norman

Gen:Variant.Zusy.119071

04.12.2014 14:30:06

Panda Antivirus

Trj/CI.A

14.12.18.11

Qihoo 360 Security

HEUR/QVM10.1.Malware.Gen

1.0.0.1015

Sophos

Virus 'Troj/Wonton-MK'

5.09

SUPERAntiSpyware

Trojan.Agent/Gen-Dropper

10169

Trend Micro House Call

TROJ_GEN.R0C1H07LI14

7.2.352

File size:

144.5 KB (147,968 bytes)

Product version:

5.0

File type:

Executable application (Win32 EXE)

Language:

Arabic (Saudi Arabia)

File PE Metadata

Compilation timestamp:

12/17/2014 7:32:28 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

3072:3H4c4XJFZDAI0yYavEtAtFFFFFFFbY3sqb60V:3UnZ5RU6W

Entry address:

0x37A2

Entry point:

E8, 74, 49, 00, 00, E9, 78, FE, FF, FF, 83, 25, 04, C3, 41, 00, 00, E8, 49, 4A, 00, 00, A3, 04, C3, 41, 00, 33, C0, C3, 55, 8B, EC, 83, EC, 08, 83, E4, F0, DD, 1C, 24, F3, 0F, 7E, 04, 24, E8, 08, 00, 00, 00, C9, C3, 66, 0F, 12, 44, 24, 04, BA, 00, 00, 00, 00, 66, 0F, 28, E8, 66, 0F, 14, C0, 66, 0F, 73, D5, 34, 66, 0F, C5, CD, 00, 66, 0F, 28, 0D, 90, 55, 41, 00, 66, 0F, 28, 1D, F0, 55, 41, 00, 66, 0F, 28, 25, A0, 55, 41, 00, 66, 0F, 28, 35, B0, 55, 41, 00, 66, 0F, 54, C1, 66, 0F, 56, C3, 66, 0F, 58, E0, 66... 
[+]

Code size:

72.5 KB (74,240 bytes)

Remove wn2t1n5f.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.