ynlzkptn_emmc_odin.exe

The executable ynlzkptn_emmc_odin.exe has been detected as malware by 12 anti-virus scanners.
Version:
1.0.0.9

MD5:
fc9f7376c29687894ffdf845b111dac7

SHA-1:
c152b2fe4fb0512ffd53ec2a72c56c7e155ec4e0

SHA-256:
8bb0fd608ce6b5400f87e19b0f640131bf1c47f92716f13e3e36fcb4da9e332c

Scanner detections:
12 / 68

Status:
Malware

Analysis date:
4/24/2024 3:46:24 AM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Gen:Variant.Kazy.423089 | 431
Agnitum Outpost | Trojan.Agent | 7.1.1
Avira AntiVirus | TR/Agent.3159552.3 | 8.3.2.2
Arcabit | Trojan.Kazy.D674B1 | 1.0.0.582
Bitdefender | Gen:Variant.Kazy.423089 | 1.0.20.1675
Bkav FE | HW32.Packed | 1.3.0.7237
Emsisoft Anti-Malware | Gen:Variant.Kazy.423089 | 8.15.12.01.06
F-Secure | Gen:Variant.Kazy.423089 | 11.2015-01-12_3
G Data | Gen:Variant.Kazy.423089 | 15.12.25
Kaspersky | HEUR:Trojan.Win32.Generic | 14.0.0.1039
MicroWorld eScan | Gen:Variant.Kazy.423089 | 16.0.0.1005
Qihoo 360 Security | Win32/Trojan.24f | 1.0.0.1015

File size:
3 MB (3,159,552 bytes)

Product version:
1.0.0.0

File type:
Executable application (Win32 EXE)

Language:
Russian (Russia)

Common path:
C:\Program Files\z3x emmc odin\ynlzkptn_emmc_odin.exe

File PE Metadata
Compilation timestamp:
9/8/2015 1:19:33 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:lnSL3nrgl52b2igDZJ8U5hLwPYMZsR4ahO:lnSLC2yi6Zj5hLwPXyo

Entry address:
0x379C62

Entry point:
60, 89, 4C, 24, 08, FF, 74, 24, 04, C7, 44, 24, 20, 9E, 5D, 9F, BE, 68, 0E, F8, 6D, E0, E9, ED, 2D, 02, 00, 9C, 8D, 64, 24, 04, 0F, 85, BE, 8B, 28, 00, 55, 66, 9C, 66, 8F, 44, 24, 02, 20, D2, C0, EA, 04, 8A, 16, C6, 04, 24, 1C, 60, F5, 80, C2, 8E, 66, 0F, A3, FE, 66, F7, C5, 3A, 31, 0F, BA, E0, 1E, F6, DA, F5, 68, 33, A7, AE, 4F, 9C, 9C, C0, CA, 02, 66, C7, 04, 24, 9E, F8, 66, 0F, BA, E0, 01, F9, F9, 80, EA, 24, F8, E8, A5, D4, 27, 00, 60, 8D, 64, 24, 24, 0F, 85, DE, 22, 00, 00, 9C, 60, 60, 8D, 64, 24, 44...
 

Entropy:
7.9185  (probably packed)

Code size:
1.7 MB (1,792,000 bytes)
