» yiojcafhen.exe
Overview
Analysis
File Details

yiojcafhen.exe

Shpe Tefqidsh Hu

The application yiojcafhen.exe by Shpe Tefqidsh Hu has been detected as a potentially unwanted program by 22 anti-malware scanners.

File name:

yiojcafhen.exe

Publisher:

Shpe Tefqidsh Hu (signed and verified)

MD5:

ca64a65938e1aea1b8bca0b8529e273e

SHA-1:

11d90a0a037aed59dcf554d9713d727f0f3eb085

SHA-256:

6ece546be74d80b18e0ba093920c197bd631246caea4eee66dca843918520217

Scanner detections:

22 / 68

Status:

Potentially unwanted

Analysis date:

4/19/2024 1:16:09 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Zusy.168866

435

Agnitum Outpost

PUA.PennyBee

7.1.1

AhnLab V3 Security

PUP/Win32.Pennybee

2015.11.23

Avira AntiVirus

ADWARE/PennyBee.Gen7

8.3.2.4

Arcabit

Trojan.Zusy.D293A2

1.0.0.597

AVG

Generic_r

2016.0.2913

Baidu Antivirus

Adware.Win32.PennyBee

4.0.3.151127

Bitdefender

Gen:Variant.Zusy.168866

1.0.20.1655

Comodo Security

ApplicUnwnt

23640

Dr.Web

Trojan.BPlug.1045

9.0.1.0331

Emsisoft Anti-Malware

Gen:Variant.Zusy.168866

8.15.11.27.04

ESET NOD32

Win32/Adware.PennyBee.AD (variant)

9.12608

F-Prot

W32/S-fff3b8e0

v6.4.7.1.166

F-Secure

Gen:Variant.Zusy.168866

11.2015-27-11_6

G Data

Gen:Variant.Zusy.168866

15.11.25

IKARUS anti.virus

PUA.PennyBee

t3scan.1.9.5.0

Malwarebytes

PUP.Optional.Komodia.WnskRST

v2015.11.27.04

MicroWorld eScan

Gen:Variant.Zusy.168866

16.0.0.993

Panda Antivirus

Trj/Genetic.gen

15.11.27.04

Qihoo 360 Security

HEUR/QVM10.1.Malware.Gen

1.0.0.1077

Reason Heuristics

Adware.ShopperZ.ShpeTefqidshHu.Meta (M)

15.11.27.4

SUPERAntiSpyware

Adware.PennyBee/Variant

9483

File size:

173.8 KB (177,992 bytes)

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\groover201120151802\yiojcafhen.exe

Digital Signature

Signed by:

Shpe Tefqidsh Hu

Authority:

Shpe Tefqidsh Hu

Valid from:

11/20/2015 9:02:17 AM

Valid to:

11/19/2016 9:02:17 AM

Subject:

CN=Boarka Ehysd, O=Shpe Tefqidsh Hu, L=Anhogi, S=Xyikpuctaa, C=CN

Issuer:

CN=Ticv Vecno, O=Shpe Tefqidsh Hu, L=Anhogi, S=Xyikpuctaa, C=CN

Serial number:

File PE Metadata

Compilation timestamp:

11/20/2015 9:03:15 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

12.0

CTPH (ssdeep):

3072:NExpuCH48Fil7zygVWIgTriSotpqVnK+guo40n3QVTyEW7kw:expuGvFyDWFQeK/l3kw

Entry address:

0x10E62

Entry point:

E8, D8, 8D, 00, 00, E9, 7F, FE, FF, FF, CC, CC, CC, CC, 8B, 4C, 24, 04, F7, C1, 03, 00, 00, 00, 74, 24, 8A, 01, 83, C1, 01, 84, C0, 74, 4E, F7, C1, 03, 00, 00, 00, 75, EF, 05, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8B, 01, BA, FF, FE, FE, 7E, 03, D0, 83, F0, FF, 33, C2, 83, C1, 04, A9, 00, 01, 01, 81, 74, E8, 8B, 41, FC, 84, C0, 74, 32, 84, E4, 74, 24, A9, 00, 00, FF, 00, 74, 13, A9, 00, 00, 00, FF, 74, 02, EB, CD, 8D, 41, FF, 8B, 4C, 24, 04, 2B, C1, C3, 8D, 41, FE, 8B, 4C... 
[+]

Entropy:

6.4468

Code size:

126 KB (129,024 bytes)

Remove yiojcafhen.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.