home

所用软件.7z

The file 所用软件.7z has been detected as a potentially unwanted program by 22 anti-malware scanners. The file has been seen being downloaded from qd2.cache.baidupcs.com.
MD5:
a45820bd0538fd84d68bba15910b53cb

SHA-1:
e29980dbc3ac80b49581e664f774ed05ffd90698

SHA-256:
91dfd1ca104d2201f5572772893d85eb2b7082a7cb53b07d1eb0d39a47a0eb57

Scanner detections:
22 / 68

Status:
Potentially unwanted

Analysis date:
11/5/2024 11:37:52 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Packer.Expressor.B
5753686

Arcabit
Packer.Expressor.B
1.0.0.585

avast!
Win32:Malware-gen
2014.9-151023

AVG
HackTool
2016.0.2948

Bitdefender
Packer.Expressor.B
1.0.20.1480

Comodo Security
Backdoor.Win32.Hupigon.~d023
23460

Dr.Web
Threat.Undefined
9.0.1.05190

Emsisoft Anti-Malware
Packer.Expressor
10.0.0.5366

ESET NOD32
Win32/TFTPD32.B potentially unsafe application
7.0.302.0

Fortinet FortiGate
PossibleThreat
10/23/2015

F-Secure
Packer.Expressor.B
11.2015-23-10_6

G Data
Packer.Expressor
15.10.25

IKARUS anti.virus
Trojan-Dropper.Agent
t3scan.1.9.5.0

K7 AntiVirus
Trojan
13.211.17624

MicroWorld eScan
Packer.Expressor.B
16.0.0.888

NANO AntiVirus
Riskware.Win32.SFH.utjed
0.30.26.3947

Norman
Packer.Expressor.B
22.10.2015 04:41:22

nProtect
Packer.Expressor.B
15.10.23.01

Quick Heal
Server-FTP.SFH.r4 (Not a Virus)
10.15.14.00

Sophos
Generic PUA CA (PUA)
4.98

Trend Micro
TROJ_GEN.R08JC0EGI15
10.465.23

VIPRE Antivirus
Trojan.Win32.Generic
44758

File size:
5.3 MB (5,533,004 bytes)

Common path:
C:\users\{user}\downloads\????.7z

The file 所用软件.7z has been seen being distributed by the following URL.

http://qd2.cache.baidupcs.com/.../b7517e79dbc4a8b4e62d0bcef38f2f23?bkt=p2-nb-570&xcode=6ef4e14b63426fd928e7c2ad89df2cab1b9d6fde93989b6894b92e463168dc1b&fid=1292311926-250528-262566882028452&time=1445580819&sign=FDTAXGERLBH-DCb740ccc5511e5e8fedcff06b081203-X4zFNG0TcplZlgmSN5dQy12Kkko=&to=qc2&fm=Nin,B,U,nc&sta_dx=5&sta_cs=0&sta_ft=7z&sta_ct=7&fm2=Ningbo,B,U,nc&newver=1&newfm=1&secfm=1&flow_ver=3&pkey=00002b60ffd7e4f80272c9016ca7e97bd4f3&sl=79888463&expires=8h&rt=sh&r=139883969&mlogid=6855631930959900543&vuk=-&vbdid=1212356827&fin=????.7z&fn=????.7z&slt=pm&uta=0&rtype=1&iv=0&isw=0&dp-logid=6855631930959900543&dp-callid=0.1.1

Remove 所用软件.7z - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.