home

zoek.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from www.hijackthis.nl.
MD5:
10d14be8c9af402f8b27c9ddbb45a87d

SHA-1:
7aaf807362a54f7dfc36e0933ec59dffe7e736f0

SHA-256:
193c647cce5fa55a644d03e1b93ed4099b45fb8d95b0105589c5924c93490724

Scanner detections:
6 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/25/2024 2:52:45 AM UTC  (today)

Scan engine
Detection
Engine version

AVG
Win32/Heur
2014.0.3986

Bkav FE
W32.HfsAutoA
1.3.0.4959

Comodo Security
Packed.Win32.MUPX.Gen
19108

K7 AntiVirus
Trojan
13.182.12966

Qihoo 360 Security
Malware.QVM19.Gen
1.0.0.1015

Sophos
Mal/HckPk-A
4.98

File size:
1.2 MB (1,288,704 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\zoek.exe

File PE Metadata
Compilation timestamp:
11/8/2010 7:12:07 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.50

CTPH (ssdeep):
24576:QVFDm5dBz79UkuCWaBK9L0Mg0bIuH7eS2IpEmVUdni51nBVFDm5dBz7F:QVy7zZUT/9o21GIpEmyi51BVy7zp

Entry address:
0x28F720

Entry point:
96, 5A, 63, D5, 9A, 4C, C2, C7, 48, E0, 9F, BF, DA, CD, 27, 52, BA, 01, 1C, A4, E6, D7, E8, 69, 78, C2, 84, DE, 44, 0E, 5E, A9, DA, C7, 6B, 61, E5, 7F, 0B, F9, AE, AF, C1, D0, B0, F4, 1F, D6, 0B, EA, 62, 2C, C5, BB, 83, 7D, 16, 4B, 25, C9, E0, 56, 43, 21, BF, A0, B6, BC, 64, E6, 65, 1C, 95, 7D, 93, 1A, CD, 8F, E9, 28, 49, F3, 1B, A5, CF, 5F, A6, 32, B3, 1C, 6F, BA, 1B, C6, C5, 4A, 19, 72, C9, 8D, 34, 1A, 18, CB, A8, EF, 02, B9, DE, 37, 0E, 18, 43, B9, D3, 6B, 54, EF, 5A, 43, 08, D8, 47, 1E, C7, 91, 21, 70...
 
[+]

Entropy:
7.9998  (probably packed)

Code size:
1.2 MB (1,277,952 bytes)

The file zoek.exe has been seen being distributed by the following URL.

http://www.hijackthis.nl/.../zoek2.html

Scan zoek.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.