donronlax.bin

The file donronlax.bin has been detected as a potentially unwanted program by 29 anti-malware scanners.

MD5: e6698b2f468cc3a4b85e8e51639c0dd6
SHA-1: 84e173e77ad5e18fd267630c3cd81220def601d2
SHA-256: 15c48790625dbda5fc5d44a3ae3c22be0a275b774c1b054320309a046f62952b
Scanner detections: 29 / 68
Status: Potentially unwanted
Analysis date: 5/3/2024 2:19:19 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Trojan.ScriptKD.3185 | -40 |
| Avira AntiVirus | TR/Dldr.Agent.fesxe | 8.3.3.4 |
| Arcabit | Trojan.Zusy.D3427A | 1.0.0.798 |
| avast! | Win32:Rootkit-gen [Rtk] | 2014.9-170315 |
| AVG | Linkury | 2018.0.2438 |
| Baidu Antivirus | Win32.Trojan.WisdomEyes.16070401.9500 | 4.0.3.17315 |
| Bitdefender | Trojan.ScriptKD.3185 | 1.0.20.370 |
| Dr.Web | Trojan.DownLoader22.46446 | 9.0.1.074 |
| Emsisoft Anti-Malware | Trojan.ScriptKD.3185 | 8.17.03.15.04 |
| ESET NOD32 | MSIL/Toolbar.Linkury.BB potentially unwanted (variant) | 11.15076 |
| F-Prot | W32/MSIL.DRO | v6.4.7.1.166 |
| F-Secure | Gen:Variant.Zusy.213626 | 11.2017-15-03_4 |
| G Data | Trojan.ScriptKD.3185 | 17.3.A:25.11150B:25.9068 |
| IKARUS anti.virus | PUA.MSIL.Toolbar | 0.2.1.2 |
| K7 AntiVirus | Adware | 13.10.4.22688 |
| Kaspersky | not-a-virus:WebToolbar.MSIL.Agent | 14.0.0.-1313 |
| Malwarebytes | PUP.Optional.LogicHandler | v2017.03.15.04 |
| McAfee | Artemis!E6698B2F468C | 5600.6094 |
| Microsoft Security Essentials | Trojan:Win32/Dynamer!ac | 1.1.13504.0 |
| MicroWorld eScan | Trojan.ScriptKD.3185 | 18.0.0.222 |
| NANO AntiVirus | Trojan.Win32.DownLoader22.egqupj | 1.0.70.15657 |
| Panda Antivirus | Trj/CI.A | 17.03.15.04 |
| Qihoo 360 Security | Win32/RootKit.Rootkit.7e5 | 1.0.0.1120 |
| Reason Heuristics | Adware.Linkury.ET (M) | 17.3.15.16 |
| Sophos | Linkury (PUA) | 4.98 |
| SUPERAntiSpyware | PUP.Linkury/Variant | 8534 |
| Trend Micro House Call | TROJ_GEN.R08NC0PCC17 | 7.2.74 |
| Trend Micro | TROJ_GEN.R08NC0PCC17 | 10.465.15 |
| VIPRE Antivirus | Trojan.Win32.Generic | 56600 |

File size: 1.8 MB (1,938,533 bytes)
Common path: C:\users\{user}\appdata\roaming\donronlax.bin

File PE Metadata

Compilation timestamp: 8/14/2016 12:15:54 PM
OS version: 5.1
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 14.0
Entry address: 0xFCE7
Entry point:
E8, 09, 05, 00, 00, E9, 80, FE, FF, FF, 3B, 0D, A8, B0, 42, 00, F2, 75, 02, F2, C3, F2, E9, 7E, 06, 00, 00, E9, 89, 4C, 00, 00, 55, 8B, EC, 83, 25, 60, 79, 45, 00, 00, 83, EC, 2C, 53, 33, DB, 43, 09, 1D, AC, B0, 42, 00, 6A, 0A, E8, BD, 1B, 01, 00, 85, C0, 0F, 84, 74, 01, 00, 00, 83, 65, EC, 00, 33, C0, 83, 0D, AC, B0, 42, 00, 02, 33, C9, 56, 57, 89, 1D, 60, 79, 45, 00, 8D, 7D, D4, 53, 0F, A2, 8B, F3, 5B, 89, 07, 89, 77, 04, 89, 4F, 08, 89, 57, 0C, 8B, 45, D4, 8B, 4D, E0, 89, 45, F4, 81, F1, 69, 6E, 65, 49...

Entropy: 7.9550 (probably packed)
Code size: 132 KB (135,168 bytes)
