xextool.exe

The executable xextool.exe has been detected as malware by 13 anti-virus scanners. This is a setup program which is used to install the application. This file is typically installed with the program Iso2God v1.3.6 by Team 360h. The file has been seen being downloaded from mega.nz and multiple other hosts.
MD5:
99c687c10aef076bbde66c7efae46b0a

SHA-1:
f2145da266ba43f6e7f7136d7207b39b5f8a6ab3

Scanner detections:
13 / 68

Status:
Malware

Analysis date:
4/25/2024 10:55:27 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Agnitum Outpost | Backdoor.Agent | 7.1.1 |
| AhnLab V3 Security | Win-Trojan/ASD.variant | 14.03.26 |
| Bkav FE | W32.Clod4a2.Trojan | 1.3.0.4959 |
| F-Prot | W32/Backdoor2.DBLS | v6.4.7.1.166 |
| K7 AntiVirus | Backdoor | 13.176.11510 |
| McAfee | Generic.dx!99C687C10AEF | 5600.7180 |
| NANO AntiVirus | Trojan.Win32.DBLS.evcum | 0.28.0.58491 |
| nProtect | Trojan/W32.Black.484864.B | 14.03.20.02 |
| Quick Heal | (Suspicious) - DNAScan | 3.14.12.00 |
| Rising Antivirus | PE:Trojan.Win32.Generic.1258B216!307802646 | 23.00.65.14324 |
| Sophos | Mal/Behav-270 | 4.98 |
| Total Defense | Win32/Tnega.AESE | 37.0.10829 |
| VIPRE Antivirus | Begin2Search | 27576 |

File size:
473.5 KB (484,864 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\team360h\iso2god\xextool.exe

File PE Metadata
Compilation timestamp:
2/20/2008 1:02:55 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
8.0

CTPH (ssdeep):
12288:FZWHIlfl2pAF3Z4mxxVAmRpIvGzXEfYkg:flfl2uQmXVrIiXWe

Entry address:
0x1000

Entry point:
68, 01, 90, 45, 00, E8, 01, 00, 00, 00, C3, C3, DA, 4A, 7E, FC, 23, F7, EE, 88, 53, 56, B8, F2, 8A, 3A, 78, AF, 5E, 4C, 17, DA, B8, 7C, E2, 3C, 67, 73, 4A, F1, 52, 36, D1, 10, 5D, 84, 06, 2D, 40, 7B, 66, 3E, 9F, 92, AE, 8F, 6F, 44, 3D, 78, 4B, 75, C2, 61, 4F, 72, 50, B2, 3A, 48, C7, CE, 22, 78, 97, F5, EA, E9, F8, 20, 72, 24, C2, 23, 59, 23, 06, 7B, DC, 12, 13, FC, 45, B9, 88, 7B, DF, 22, F6, 4F, 8A, 71, 41, DA, 00, 0C, 6B, 93, 1F, AE, 30, 3C, 3A, 75, 14, CC, 75, 72, 6F, 55, 71, 44, D6, 85, 92, 4F, C5, F4...
 

Packer / compiler:
ASProtect v1.2x (New Strain)

Code size:
232 KB (237,568 bytes)

The file xextool.exe has been discovered within the following program.

Iso2God v1.3.6  by Team 360h
About 6% of users remove it
 

The file xextool.exe has been seen being distributed by the following 8 URLs.

https://mega.nz/temporary/.../4180gRSI

http://serv52.f2h.co.il/.../tow78jaajwk7|65b615da028614bc04402ebaf68f7a68|.exe

https://mega.nz/temporary/.../dtNDxaqa

temp:xextool.exe
