» recur_formul_sp.exe
Overview
Analysis
File Details

recur_formul_sp.exe

The executable recur_formul_sp.exe has been detected as malware by 24 anti-virus scanners.

File name:

recur_formul_sp.exe

MD5:

2a3a78213d98698b365f94585be476b6

SHA-1:

e6c755b401547c7cdcfe33a8f28c9fe39a1d117d

SHA-256:

feaed30f81bf0da2d96f491087167375c45924326bfa333cb88fd4624f9e1240

Scanner detections:

24 / 68

Status:

Malware

Analysis date:

4/28/2024 6:32:17 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Symmi.69428

-40

Avira AntiVirus

TR/Dldr.Delphi.pkapc

8.3.3.4

Arcabit

Trojan.Symmi.D10F34

1.0.0.795

avast!

Win32:Banker-MZG [Trj]

2014.9-170316

Bitdefender

Gen:Variant.Symmi.69428

1.0.20.375

Emsisoft Anti-Malware

Gen:Variant.Symmi.69428

8.17.03.16.12

ESET NOD32

Win32/TrojanDownloader.Banload.XTQ (variant)

11.14888

Fortinet FortiGate

W32/Banload.XTN!tr.dldr

3/16/2017

F-Secure

Gen:Variant.Symmi.69428

11.2017-16-03_5

G Data

Gen:Variant.Symmi.69428

17.3.25

IKARUS anti.virus

Trojan-Downloader.Win32.Banload

0.1.3.4

K7 AntiVirus

Trojan-Downloader

13.2422319

Kaspersky

Trojan-Downloader.Win32.Delf

14.0.0.-1315

McAfee

Downloader-FBKF!2A3A78213D98

5600.6094

Microsoft Security Essentials

Trojan:Win32/Dynamer!ac

1.1.13407.0

MicroWorld eScan

Gen:Variant.Symmi.69428

18.0.0.225

Panda Antivirus

Trj/GdSda.A

17.03.16.12

Qihoo 360 Security

HEUR/QVM05.1.0000.Malware.Gen

1.0.0.1120

Rising Antivirus

Malware.Generic!eAezcDslLrM@4 (thunder)

23.00.65.17314

Sophos

Mal/Generic-S

4.98

Trend Micro House Call

TROJ_GEN.R0F8C0EB517

7.2.75

Trend Micro

TROJ_GEN.R0F8C0EB517

10.465.16

Vba32 AntiVirus

suspected of Trojan.Downloader.gen.h

3.12.26.4

VIPRE Antivirus

Trojan.Win32.Generic

55762

File size:

1.1 MB (1,146,671 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\recur_formul_sp.exe

File PE Metadata

Compilation timestamp:

6/19/1992 7:22:17 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

Entry address:

0xCEB74

Entry point:

55, 8B, EC, 83, C4, F0, B8, FC, E5, 4C, 00, E8, 14, 7C, F3, FF, 68, F0, EB, 4C, 00, 6A, 00, 6A, 00, E8, 46, 7E, F3, FF, E8, A9, 7F, F3, FF, 3D, B7, 00, 00, 00, 75, 07, 33, C0, E8, 3F, 55, F3, FF, 68, 6C, 56, 00, 00, E8, 31, 81, F3, FF, A1, B8, 78, 4D, 00, 8B, 00, E8, 59, 5B, F9, FF, 8B, 0D, EC, 77, 4D, 00, A1, B8, 78, 4D, 00, 8B, 00, 8B, 15, 44, D3, 4C, 00, E8, 59, 5B, F9, FF, A1, B8, 78, 4D, 00, 8B, 00, C6, 40, 5B, 00, A1, B8, 78, 4D, 00, 8B, 00, E8, C2, 5B, F9, FF, E8, 1D, 54, F3, FF, 00, 4F, 49, 48, 4A... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

823 KB (842,752 bytes)

Remove recur_formul_sp.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.