» yknzixcqui.exe
Overview
Analysis
File Details

yknzixcqui.exe

The executable yknzixcqui.exe has been detected as malware by 39 anti-virus scanners.

File name:

yknzixcqui.exe

MD5:

8a4e51802dc233c3ec7c684a758d5392

SHA-1:

b66bfee415a2014f030fa3c8cc2b9eac6652240c

SHA-256:

87fd7a777b7771b4860c1321b7d04c087e1576f813d8354d4c075666b617864a

Scanner detections:

39 / 68

Status:

Malware

Analysis date:

5/1/2024 11:28:16 PM UTC (a few moments ago)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Zusy.169429

-40

Agnitum Outpost

Worm.Chydo

7.1.1

AhnLab V3 Security

Trojan/Win32.Chydo

2016.01.16

Avira AntiVirus

DR/Vilsel.piv

8.3.2.4

Arcabit

Trojan.Zusy.D295D5

1.0.0.642

avast!

Win32:AutoRun-BDI [Wrm]

2014.9-170315

AVG

Generic_r

2018.0.2438

Bitdefender

Gen:Variant.Zusy.169429

1.0.20.370

Bkav FE

W32.PacaselL.Trojan

1.3.0.7400

Clam AntiVirus

Win.Trojan.Pykspa-9

0.98/21511

Comodo Security

Worm.Win32.Autorun.Agent_TV1

23975

Dr.Web

Trojan.MulDrop4.47925

9.0.1.074

Emsisoft Anti-Malware

Gen:Variant.Zusy.169429

8.17.03.15.09

ESET NOD32

Win32/AutoRun.Agent.TV

11.12877

Fortinet FortiGate

W32/Agent.LGB!tr

3/15/2017

F-Prot

W32/KillAV.M.gen

v6.4.7.1.166

F-Secure

Trojan:W32/Chydo.gen!A

11.2017-15-03_4

G Data

Gen:Variant.Zusy.169429

17.3.25

IKARUS anti.virus

Trojan.Win32.Chydo

t3scan.1.9.5.0

K7 AntiVirus

P2PWorm

13.212.18450

Kaspersky

IM-Worm.Win32.Chydo

14.0.0.-1314

Malwarebytes

Trojan.Chydo

v2017.03.15.09

McAfee

BackDoor-EJG

5600.6094

Microsoft Security Essentials

TrojanDropper:Win32/Pykspa.A

1.1.12400.0

MicroWorld eScan

Gen:Variant.Zusy.169429

18.0.0.222

NANO AntiVirus

Trojan.Win32.MulDrop5.dlmcbi

1.0.14.5380

nProtect

Trojan/W32.Chydo.561152.B

16.01.15.02

Panda Antivirus

W32/Autorun.JPZ

17.03.15.09

Qihoo 360 Security

Backdoor.Win32.Agent.GF

1.0.0.1077

Quick Heal

Trojan.KillAv.DR

3.17.14.00

Rising Antivirus

PE:Trojan.DL.Dwonk!1.662D [F]

23.00.65.17313

Sophos

Troj/Bckdr-RAK

4.98

SUPERAntiSpyware

Trojan.Agent/Gen-Pykspa

8533

Trend Micro House Call

WORM_MESSEN.SMF

7.2.74

Trend Micro

WORM_MESSEN.SMF

10.465.15

Vba32 AntiVirus

IMWorm.Chydo

3.12.26.4

VIPRE Antivirus

Trojan.Win32.Pykspa.a

46540

ViRobot

Trojan.Win32.Chydo.516096[h]

2014.3.20.0

Zillya! Antivirus

Trojan.Chydo.Win32.77

2.0.0.2612

File size:

548 KB (561,152 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\yknzixcqui.exe

File PE Metadata

Compilation timestamp:

4/20/2009 8:36:21 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

7.10

Entry address:

0x2865

Entry point:

6A, 60, 68, 70, 71, 40, 00, E8, 7F, 03, 00, 00, BF, 94, 00, 00, 00, 8B, C7, E8, 83, 10, 00, 00, 89, 65, E8, 8B, F4, 89, 3E, 56, FF, 15, 74, 70, 40, 00, 8B, 4E, 10, 89, 0D, C0, F3, 46, 00, 8B, 46, 04, A3, CC, F3, 46, 00, 8B, 56, 08, 89, 15, D0, F3, 46, 00, 8B, 76, 0C, 81, E6, FF, 7F, 00, 00, 89, 35, C4, F3, 46, 00, 83, F9, 02, 74, 0C, 81, CE, 00, 80, 00, 00, 89, 35, C4, F3, 46, 00, C1, E0, 08, 03, C2, A3, C8, F3, 46, 00, 33, F6, 56, 8B, 3D, 68, 70, 40, 00, FF, D7, 66, 81, 38, 4D, 5A, 75, 1F, 8B, 48, 3C, 03... 
[+]

Developed / compiled with:

Microsoft Visual C++ v7.0

Code size:

24 KB (24,576 bytes)

Remove yknzixcqui.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.