» your file.exe
Overview
Analysis
File Details
Downloads (1)

your file.exe

WindowsApplication14

The executable your file.exe has been detected as malware by 10 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from topfiles.me.

File name:

your file.exe

Publisher:

Microsoft* (Invalid match)

Product:

WindowsApplication14

Version:

1.0.0.0

MD5:

8cd656f672fae35d736b77ca80f4bb3c

SHA-1:

8db55211373a359e82c1b30668cbbe9211924a34

SHA-256:

5d7f75d8b0b967e2440b6db2eedc42f6017d65ab7f52264163d0143ba146221c

Scanner detections:

10 / 68

Status:

Malware

Analysis date:

5/8/2024 9:31:43 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.Generic.12294871

398

avast!

Win32:Malware-gen

2014.9-160102

AVG

Luhe.Fiha.A

2017.0.2876

Bitdefender

Trojan.Generic.12294871

1.0.20.10

Emsisoft Anti-Malware

Trojan.Generic.12294871

8.16.01.02.07

F-Secure

Trojan.Generic.12294871

11.2016-02-01_7

G Data

Trojan.Generic.12294871

16.1.24

MicroWorld eScan

Trojan.Generic.12294871

17.0.0.6

nProtect

Trojan.Generic.12294871

14.12.09.01

Qihoo 360 Security

HEUR/QVM03.0.Malware.Gen

1.0.0.1015

File size:

1.8 MB (1,885,184 bytes)

Product version:

1.0.0.0

Original file name:

WindowsApplication14.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\your file.exe

File PE Metadata

Compilation timestamp:

3/24/2013 10:13:23 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

49152:9tsP2zm0/wc6xweGXibzsEF7w01MpOHnm:XsP2H/wc6VGXibQC7wmM4

Entry address:

0x192D9E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 03, 0A, 4F, 51, 00, 00, 00, 00, 02, 00, 00, 00, 9F, 00, 00, 00, 1C, 40, 19, 00, 1C, 12, 19, 00, 52, 53... 
[+]

Entropy:

7.7050

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

1.6 MB (1,641,984 bytes)

The file your file.exe has been seen being distributed by the following URL.

http://topfiles.me/dl.php?mode=dl&f=7b08612a197e31746f2f7dcf7691f054.exe

Remove your file.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.