xs v.11.2.exe

Pichenka

The application xs v.11.2.exe has been detected as a potentially unwanted program by 21 anti-malware scanners. The file has been seen being downloaded from drive.google.com.
Publisher:
Pichenka

Product:
Pichenka

Version:
0.0245.94.175

MD5:
ce69486e170cd8687ac29ae17fa1caa2

SHA-1:
68818b6f0d0efb4da86abc8e174ec1c61d453466

SHA-256:
eef2bc4ac8208d706ecaf2060a9ea2ef355f0fb06adde55e111b392a68bc4e63

Scanner detections:
21 / 68

Status:
Potentially unwanted

Analysis date:
4/26/2024 10:20:27 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Gen:Variant.MSILPerseus.435 | 378 |
| Avira AntiVirus | TR/Dropper.MSIL.212153 | 8.3.2.2 |
| Arcabit | Trojan.MSILPerseus.435 | 1.0.0.585 |
| avast! | Win32:Trojan-gen | 2014.9-160123 |
| AVG | MSIL9 | 2017.0.2856 |
| Baidu Antivirus | Adware.MSIL.iBryte | 4.0.3.16123 |
| Bitdefender | Gen:Variant.MSILPerseus.435 | 1.0.20.115 |
| Dr.Web | Trojan.PWS.Steam.2512 | 9.0.1.023 |
| Emsisoft Anti-Malware | Gen:Variant.MSILPerseus.435 | 8.16.01.23.07 |
| ESET NOD32 | MSIL/Kryptik.DYA (variant) | 10.12481 |
| Fortinet FortiGate | Generik.BZFDDVY!tr | 1/23/2016 |
| F-Secure | Gen:Variant.MSILPerseus.435 | 11.2016-23-01_7 |
| G Data | Gen:Variant.MSILPerseus.435 | 16.1.25 |
| K7 AntiVirus | Trojan | 13.212.17683 |
| Malwarebytes | Trojan.Crypt.Generic | v2016.01.23.07 |
| Microsoft Security Essentials | PWS:MSIL/Stimilina.H | 1.1.12205.0 |
| MicroWorld eScan | Gen:Variant.MSILPerseus.435 | 17.0.0.69 |
| NANO AntiVirus | Trojan.Win32.Steam.dyevdj | 0.30.26.3947 |
| Panda Antivirus | Trj/CI.A | 16.01.23.07 |
| Sophos | Mal/Generic-S | 4.98 |
| VIPRE Antivirus | Trojan.Win32.Generic | 44884 |

File size:
2 MB (2,073,600 bytes)

Product version:
0.0245.94.175

Copyright:
Copyright © 2015

Trademarks:
Pichenka

Original file name:
Pichenka.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\xs v.11.2.exe

File PE Metadata
Compilation timestamp:
10/16/2015 10:10:32 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
24576:6tgCLyfylaIPqR+FdzIfRubKratMSv8nSjLglzYa3IlEFa/Z6LWhJ/J5J5xf17fU:6ZLyfyVq+FJGulv8nSMzdkEc6Lg0lB

Entry address:
0x53112

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...

Entropy:
6.7396

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
324.5 KB (332,288 bytes)

The file xs v.11.2.exe has been seen being distributed by the following URL.
